Conférence : The 35th International Conference on Industrial, Engineering & Other Applications of Applied Intelligent Systems, 18 juillet 2022
Emerging technologies utilised in building modern systems make them inter-operable but potentially exposed to security threats. Thus, engineers need to consider the system structure and behaviour at the design level. This paper addresses the security risk assessment of inter-operable IoT systems designed in BIP (Behaviour–Interaction–Priority). For this purpose, we model different attacks scenarios from Microsoft STRIDE threats catalogue and identify the threats entry points in the component–port–connector architecture. Using standards communication styles such as message passing, we compose architectural components to model data flow between communication entities. We use BIP statistical model checking to assess the architecture conformance regarding security properties expressed in temporal logic.