Defining Cyber Risk Scenarios to Evaluate IoT Systems

Roberto Andrade; Iván Ortiz; María Cazares; Gustavo Navas; María Isabel Sánchez-Pazmiño

doi:10.3390/g14010001

Defining Cyber Risk Scenarios to Evaluate IoT Systems

Roberto Andrade, Iván Ortiz, María Cazares, Gustavo Navas, María Isabel Sánchez-Pazmiño

Research output: Contribution to journal › Article › peer-review

1 Scopus citations

Abstract

The growth of the Internet of Things (IoT) has accelerated digital transformation processes in organizations and cities. However, it has also opened new security challenges due to the complexity and dynamism of these systems. The application of security risk analysis methodologies used to evaluate information technology (IT) systems have their limitations to qualitatively assess the security risks in IoT systems, due to the lack of historical data and the dynamic behavior of the solutions based on the IoT. The objective of this study is to propose a methodology for developing a security risk analysis using scenarios based on the risk factors of IoT devices. In order to manage the uncertainty due to the dynamics of IoT behaviors, we propose the use of Bayesian networks in conjunction with the Best Worst Method (BWM) for multi-criteria decision-making to obtain a quantitative security risk value.

Original language	English
Article number	1
Journal	Games
Volume	14
Issue number	1
DOIs	https://doi.org/10.3390/g14010001
State	Published - Feb 2023

Bibliographical note

Publisher Copyright:
© 2022 by the authors.

Keywords

Bayesian network
cybersecurity
IoT
multi-criteria analysis
risk analysis

Access to Document

10.3390/g14010001

Cite this

@article{ed8c9dfe99064986be6015020e8dc1ad,

title = "Defining Cyber Risk Scenarios to Evaluate IoT Systems",

abstract = "The growth of the Internet of Things (IoT) has accelerated digital transformation processes in organizations and cities. However, it has also opened new security challenges due to the complexity and dynamism of these systems. The application of security risk analysis methodologies used to evaluate information technology (IT) systems have their limitations to qualitatively assess the security risks in IoT systems, due to the lack of historical data and the dynamic behavior of the solutions based on the IoT. The objective of this study is to propose a methodology for developing a security risk analysis using scenarios based on the risk factors of IoT devices. In order to manage the uncertainty due to the dynamics of IoT behaviors, we propose the use of Bayesian networks in conjunction with the Best Worst Method (BWM) for multi-criteria decision-making to obtain a quantitative security risk value.",

keywords = "Bayesian network, cybersecurity, IoT, multi-criteria analysis, risk analysis",

author = "Roberto Andrade and Iv{\'a}n Ortiz and Mar{\'i}a Cazares and Gustavo Navas and S{\'a}nchez-Pazmi{\~n}o, {Mar{\'i}a Isabel}",

note = "Publisher Copyright: {\textcopyright} 2022 by the authors.",

year = "2023",

month = feb,

doi = "10.3390/g14010001",

language = "English",

volume = "14",

journal = "Games",

issn = "2073-4336",

publisher = "MDPI Multidisciplinary Digital Publishing Institute",

number = "1",

}

TY - JOUR

T1 - Defining Cyber Risk Scenarios to Evaluate IoT Systems

AU - Andrade, Roberto

AU - Ortiz, Iván

AU - Cazares, María

AU - Navas, Gustavo

AU - Sánchez-Pazmiño, María Isabel

PY - 2023/2

Y1 - 2023/2

N2 - The growth of the Internet of Things (IoT) has accelerated digital transformation processes in organizations and cities. However, it has also opened new security challenges due to the complexity and dynamism of these systems. The application of security risk analysis methodologies used to evaluate information technology (IT) systems have their limitations to qualitatively assess the security risks in IoT systems, due to the lack of historical data and the dynamic behavior of the solutions based on the IoT. The objective of this study is to propose a methodology for developing a security risk analysis using scenarios based on the risk factors of IoT devices. In order to manage the uncertainty due to the dynamics of IoT behaviors, we propose the use of Bayesian networks in conjunction with the Best Worst Method (BWM) for multi-criteria decision-making to obtain a quantitative security risk value.

AB - The growth of the Internet of Things (IoT) has accelerated digital transformation processes in organizations and cities. However, it has also opened new security challenges due to the complexity and dynamism of these systems. The application of security risk analysis methodologies used to evaluate information technology (IT) systems have their limitations to qualitatively assess the security risks in IoT systems, due to the lack of historical data and the dynamic behavior of the solutions based on the IoT. The objective of this study is to propose a methodology for developing a security risk analysis using scenarios based on the risk factors of IoT devices. In order to manage the uncertainty due to the dynamics of IoT behaviors, we propose the use of Bayesian networks in conjunction with the Best Worst Method (BWM) for multi-criteria decision-making to obtain a quantitative security risk value.

KW - Bayesian network

KW - cybersecurity

KW - IoT

KW - multi-criteria analysis

KW - risk analysis

UR - http://www.scopus.com/inward/record.url?scp=85148757971&partnerID=8YFLogxK

U2 - 10.3390/g14010001

DO - 10.3390/g14010001

M3 - Article

AN - SCOPUS:85148757971

SN - 2073-4336

VL - 14

JO - Games

JF - Games

IS - 1

M1 - 1

ER -

Defining Cyber Risk Scenarios to Evaluate IoT Systems

Abstract

Bibliographical note

Keywords

Access to Document

Other files and links

Fingerprint

Cite this