Achieving the security in IoT is one of the biggest challenges since these devices frequently perform a series of collect, exchange, process, and react to data tasks. Thus the impact of IoT failures can be serious. IoT security is the practices to keep our system safe by protecting from breaches and threats, identify and monitor the risks and observe the vulnerabilities in the system to fix and avoid them. The main goal of IoT security is to ensure data privacy, con- fidentiality, ensure the security of the users, infrastructures and all IoT system components and guarantee the availability and integrity of our IoT ecosystem and the services offered by it. Recently, many widely organizations have issued IoT Security guide best practices and ‘baseline’ or ‘core’ requirements for IoT devices security. In this thesis we will analyze and review the main IoT security regulations and standards which have been published by for- mal standardisation organisations to date. First we will have a comparison between some of the IoT security standards in EU and US and we will discuss the role of the interest alliances and industry associations in contributing to these standards, and we will do a summarizing and critical analysis of these requirements. Then we will create a test card for IoT products stating that if the IoT product is compliant with the chosen standard, we will discuss how the security requirements and standards can be technically implemented on an actual IoT product. Finally we will address the challenges in creating a harmonized security standards for all IoT devices and the difficulties that will face both the manufactures and the standard organizations.

Achieving the security in IoT is one of the biggest challenges since these devices frequently perform a series of collect, exchange, process, and react to data tasks. Thus the impact of IoT failures can be serious. IoT security is the practices to keep our system safe by protecting from breaches and threats, identify and monitor the risks and observe the vulnerabilities in the system to fix and avoid them. The main goal of IoT security is to ensure data privacy, con- fidentiality, ensure the security of the users, infrastructures and all IoT system components and guarantee the availability and integrity of our IoT ecosystem and the services offered by it. Recently, many widely organizations have issued IoT Security guide best practices and ‘baseline’ or ‘core’ requirements for IoT devices security. In this thesis we will analyze and review the main IoT security regulations and standards which have been published by for- mal standardisation organisations to date. First we will have a comparison between some of the IoT security standards in EU and US and we will discuss the role of the interest alliances and industry associations in contributing to these standards, and we will do a summarizing and critical analysis of these requirements. Then we will create a test card for IoT products stating that if the IoT product is compliant with the chosen standard, we will discuss how the security requirements and standards can be technically implemented on an actual IoT product. Finally we will address the challenges in creating a harmonized security standards for all IoT devices and the difficulties that will face both the manufactures and the standard organizations.

Review on IoT Cybersecurity Standards: Design security tests for IoT devices based on the ETSI framework standards

KAWAS, MHD NAZEER
2022/2023

Abstract

Achieving the security in IoT is one of the biggest challenges since these devices frequently perform a series of collect, exchange, process, and react to data tasks. Thus the impact of IoT failures can be serious. IoT security is the practices to keep our system safe by protecting from breaches and threats, identify and monitor the risks and observe the vulnerabilities in the system to fix and avoid them. The main goal of IoT security is to ensure data privacy, con- fidentiality, ensure the security of the users, infrastructures and all IoT system components and guarantee the availability and integrity of our IoT ecosystem and the services offered by it. Recently, many widely organizations have issued IoT Security guide best practices and ‘baseline’ or ‘core’ requirements for IoT devices security. In this thesis we will analyze and review the main IoT security regulations and standards which have been published by for- mal standardisation organisations to date. First we will have a comparison between some of the IoT security standards in EU and US and we will discuss the role of the interest alliances and industry associations in contributing to these standards, and we will do a summarizing and critical analysis of these requirements. Then we will create a test card for IoT products stating that if the IoT product is compliant with the chosen standard, we will discuss how the security requirements and standards can be technically implemented on an actual IoT product. Finally we will address the challenges in creating a harmonized security standards for all IoT devices and the difficulties that will face both the manufactures and the standard organizations.
2022
Review on IoT Cybersecurity Standards and Design of security tests for IoT devices based on the ETSI framework standards
Achieving the security in IoT is one of the biggest challenges since these devices frequently perform a series of collect, exchange, process, and react to data tasks. Thus the impact of IoT failures can be serious. IoT security is the practices to keep our system safe by protecting from breaches and threats, identify and monitor the risks and observe the vulnerabilities in the system to fix and avoid them. The main goal of IoT security is to ensure data privacy, con- fidentiality, ensure the security of the users, infrastructures and all IoT system components and guarantee the availability and integrity of our IoT ecosystem and the services offered by it. Recently, many widely organizations have issued IoT Security guide best practices and ‘baseline’ or ‘core’ requirements for IoT devices security. In this thesis we will analyze and review the main IoT security regulations and standards which have been published by for- mal standardisation organisations to date. First we will have a comparison between some of the IoT security standards in EU and US and we will discuss the role of the interest alliances and industry associations in contributing to these standards, and we will do a summarizing and critical analysis of these requirements. Then we will create a test card for IoT products stating that if the IoT product is compliant with the chosen standard, we will discuss how the security requirements and standards can be technically implemented on an actual IoT product. Finally we will address the challenges in creating a harmonized security standards for all IoT devices and the difficulties that will face both the manufactures and the standard organizations.
IoT security
evaluation
testing
certification
standards
File in questo prodotto:
File Dimensione Formato  
Master_Thesis_MHD Nazeer Kawas.pdf

accesso riservato

Dimensione 4.15 MB
Formato Adobe PDF
4.15 MB Adobe PDF

The text of this website © Università degli studi di Padova. Full Text are published under a non-exclusive license. Metadata are under a CC0 License

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/20.500.12608/46195