Defining Cyber Risk Scenarios to Evaluate IoT Systems

Roberto Andrade, Iván Ortiz, María Cazares, Gustavo Navas, María Isabel Sánchez-Pazmiño

Research output: Contribution to journalArticlepeer-review

1 Scopus citations


The growth of the Internet of Things (IoT) has accelerated digital transformation processes in organizations and cities. However, it has also opened new security challenges due to the complexity and dynamism of these systems. The application of security risk analysis methodologies used to evaluate information technology (IT) systems have their limitations to qualitatively assess the security risks in IoT systems, due to the lack of historical data and the dynamic behavior of the solutions based on the IoT. The objective of this study is to propose a methodology for developing a security risk analysis using scenarios based on the risk factors of IoT devices. In order to manage the uncertainty due to the dynamics of IoT behaviors, we propose the use of Bayesian networks in conjunction with the Best Worst Method (BWM) for multi-criteria decision-making to obtain a quantitative security risk value.

Original languageEnglish
Article number1
Issue number1
StatePublished - Feb 2023

Bibliographical note

Publisher Copyright:
© 2022 by the authors.


  • Bayesian network
  • cybersecurity
  • IoT
  • multi-criteria analysis
  • risk analysis


Dive into the research topics of 'Defining Cyber Risk Scenarios to Evaluate IoT Systems'. Together they form a unique fingerprint.

Cite this