IoTsecM: A UML/SysML Extension for Internet of Things Security Modeling

Ponciano J Escamilla-Ambrosio; David Robles-Ramirez; Theo Tryfonas; Abraham Rodriguez-Mota; Gina Gallegos-García; Moises Salinas-Rosales

doi:10.1109/ACCESS.2021.3125979

IoTsecM: A UML/SysML Extension for Internet of Things Security Modeling

Ponciano J Escamilla-Ambrosio, David Robles-Ramirez, Theo Tryfonas, Abraham Rodriguez-Mota, Gina Gallegos-García, Moises Salinas-Rosales

Department of Civil Engineering

Research output: Contribution to journal › Article (Academic Journal) › peer-review

4 Citations (Scopus)

413 Downloads (Pure)

Abstract

In this paper, an approach referred to as IoTsecM is proposed. This proposal is a UML/SysML extension for security requirements modeling within the analysis stage in a waterfall development life cycle in a Model-Based Systems Engineering Approach. IoTsecM allows the security requirements representation in two very well-known modeling languages, UML and SysML. With the utilization of this extension, IoT developers can consider the security requirements from the analysis stage in the design process of IoT systems. IoTsecM allows IoT systems to be designed considering possible threats and the corresponding security requirements analysis. The applicability of IoTsecM is demonstrated through applying it to analyze and represent the security requirements in an IoT real-life system in the context of collaborative autonomous vehicles in smart cities. In this use case, IoTsecM was able to represent the security requirements identified within the system architecture elements, in which all countermeasures identified were depicted using the proposed IoTsecM profile.

Original language	English
Pages (from-to)	154112-154135
Number of pages	24
Journal	IEEE Access
Volume	9
Early online date	13 Nov 2021
DOIs	https://doi.org/10.1109/ACCESS.2021.3125979
Publication status	Published - 2021

Bibliographical note

Funding Information:
This work was supported in part by the Consejo Nacional de Ciencia y Tecnolog?a (CONACY), and in part by the Instituto Polit?cnico Nacional under Grant SIP 1999 and Grant 20210039. The work of Theo Tryfonas was supported by the Department for Business, Energy and Industrial Strategy, U.K.

Publisher Copyright:
© 2013 IEEE.

Access to Document

10.1109/ACCESS.2021.3125979Licence: CC BY

Full-text PDF (final published version)
This is the final published version of the article (version of record). It first appeared online via IEEE at https://doi.org/10.1109/ACCESS.2021.3125979 . Please refer to any applicable terms of use of the publisher.
Final published version, 5 MBLicence: CC BY

Handle.net

Persistent link

Cite this

@article{fd6c5f9c11e3421ba4982b5fed91bc18,

title = "IoTsecM: A UML/SysML Extension for Internet of Things Security Modeling",

abstract = "In this paper, an approach referred to as IoTsecM is proposed. This proposal is a UML/SysML extension for security requirements modeling within the analysis stage in a waterfall development life cycle in a Model-Based Systems Engineering Approach. IoTsecM allows the security requirements representation in two very well-known modeling languages, UML and SysML. With the utilization of this extension, IoT developers can consider the security requirements from the analysis stage in the design process of IoT systems. IoTsecM allows IoT systems to be designed considering possible threats and the corresponding security requirements analysis. The applicability of IoTsecM is demonstrated through applying it to analyze and represent the security requirements in an IoT real-life system in the context of collaborative autonomous vehicles in smart cities. In this use case, IoTsecM was able to represent the security requirements identified within the system architecture elements, in which all countermeasures identified were depicted using the proposed IoTsecM profile.",

author = "Escamilla-Ambrosio, {Ponciano J} and David Robles-Ramirez and Theo Tryfonas and Abraham Rodriguez-Mota and Gina Gallegos-Garc{\'i}a and Moises Salinas-Rosales",

note = "Funding Information: This work was supported in part by the Consejo Nacional de Ciencia y Tecnolog?a (CONACY), and in part by the Instituto Polit?cnico Nacional under Grant SIP 1999 and Grant 20210039. The work of Theo Tryfonas was supported by the Department for Business, Energy and Industrial Strategy, U.K. Publisher Copyright: {\textcopyright} 2013 IEEE.",

year = "2021",

doi = "10.1109/ACCESS.2021.3125979",

language = "English",

volume = "9",

pages = "154112--154135",

journal = "IEEE Access",

issn = "2169-3536",

publisher = "Institute of Electrical and Electronics Engineers (IEEE)",

}

TY - JOUR

T1 - IoTsecM: A UML/SysML Extension for Internet of Things Security Modeling

AU - Escamilla-Ambrosio, Ponciano J

AU - Robles-Ramirez, David

AU - Tryfonas, Theo

AU - Rodriguez-Mota, Abraham

AU - Gallegos-García, Gina

AU - Salinas-Rosales, Moises

N1 - Funding Information: This work was supported in part by the Consejo Nacional de Ciencia y Tecnolog?a (CONACY), and in part by the Instituto Polit?cnico Nacional under Grant SIP 1999 and Grant 20210039. The work of Theo Tryfonas was supported by the Department for Business, Energy and Industrial Strategy, U.K. Publisher Copyright: © 2013 IEEE.

PY - 2021

Y1 - 2021

N2 - In this paper, an approach referred to as IoTsecM is proposed. This proposal is a UML/SysML extension for security requirements modeling within the analysis stage in a waterfall development life cycle in a Model-Based Systems Engineering Approach. IoTsecM allows the security requirements representation in two very well-known modeling languages, UML and SysML. With the utilization of this extension, IoT developers can consider the security requirements from the analysis stage in the design process of IoT systems. IoTsecM allows IoT systems to be designed considering possible threats and the corresponding security requirements analysis. The applicability of IoTsecM is demonstrated through applying it to analyze and represent the security requirements in an IoT real-life system in the context of collaborative autonomous vehicles in smart cities. In this use case, IoTsecM was able to represent the security requirements identified within the system architecture elements, in which all countermeasures identified were depicted using the proposed IoTsecM profile.

AB - In this paper, an approach referred to as IoTsecM is proposed. This proposal is a UML/SysML extension for security requirements modeling within the analysis stage in a waterfall development life cycle in a Model-Based Systems Engineering Approach. IoTsecM allows the security requirements representation in two very well-known modeling languages, UML and SysML. With the utilization of this extension, IoT developers can consider the security requirements from the analysis stage in the design process of IoT systems. IoTsecM allows IoT systems to be designed considering possible threats and the corresponding security requirements analysis. The applicability of IoTsecM is demonstrated through applying it to analyze and represent the security requirements in an IoT real-life system in the context of collaborative autonomous vehicles in smart cities. In this use case, IoTsecM was able to represent the security requirements identified within the system architecture elements, in which all countermeasures identified were depicted using the proposed IoTsecM profile.

U2 - 10.1109/ACCESS.2021.3125979

DO - 10.1109/ACCESS.2021.3125979

M3 - Article (Academic Journal)

VL - 9

SP - 154112

EP - 154135

JO - IEEE Access

JF - IEEE Access

SN - 2169-3536

ER -

IoTsecM: A UML/SysML Extension for Internet of Things Security Modeling

Abstract

Bibliographical note

Access to Document

Handle.net

Fingerprint

Cite this