Defining Cyber Risk Scenarios to Evaluate IoT Systems

Roberto Andrade; Iván Ortiz; María Cazares; Gustavo Navas; María Isabel Sánchez-Pazmiño

doi:10.3390/g14010001

Defining Cyber Risk Scenarios to Evaluate IoT Systems

Roberto Andrade, Iván Ortiz, María Cazares, Gustavo Navas, María Isabel Sánchez-Pazmiño

Producción científica: Contribución a una revista › Artículo › revisión exhaustiva

1 Cita (Scopus)

Resumen

The growth of the Internet of Things (IoT) has accelerated digital transformation processes in organizations and cities. However, it has also opened new security challenges due to the complexity and dynamism of these systems. The application of security risk analysis methodologies used to evaluate information technology (IT) systems have their limitations to qualitatively assess the security risks in IoT systems, due to the lack of historical data and the dynamic behavior of the solutions based on the IoT. The objective of this study is to propose a methodology for developing a security risk analysis using scenarios based on the risk factors of IoT devices. In order to manage the uncertainty due to the dynamics of IoT behaviors, we propose the use of Bayesian networks in conjunction with the Best Worst Method (BWM) for multi-criteria decision-making to obtain a quantitative security risk value.

Idioma original	Inglés
Número de artículo	1
Publicación	Games
Volumen	14
N.º	1
DOI	https://doi.org/10.3390/g14010001
Estado	Publicada - feb. 2023

Nota bibliográfica

Publisher Copyright:
© 2022 by the authors.

Acceder al documento

10.3390/g14010001

Otros archivos y enlaces

Enlace a la publicación en Scopus

Citar esto

@article{ed8c9dfe99064986be6015020e8dc1ad,

title = "Defining Cyber Risk Scenarios to Evaluate IoT Systems",

abstract = "The growth of the Internet of Things (IoT) has accelerated digital transformation processes in organizations and cities. However, it has also opened new security challenges due to the complexity and dynamism of these systems. The application of security risk analysis methodologies used to evaluate information technology (IT) systems have their limitations to qualitatively assess the security risks in IoT systems, due to the lack of historical data and the dynamic behavior of the solutions based on the IoT. The objective of this study is to propose a methodology for developing a security risk analysis using scenarios based on the risk factors of IoT devices. In order to manage the uncertainty due to the dynamics of IoT behaviors, we propose the use of Bayesian networks in conjunction with the Best Worst Method (BWM) for multi-criteria decision-making to obtain a quantitative security risk value.",

keywords = "Bayesian network, cybersecurity, IoT, multi-criteria analysis, risk analysis",

author = "Roberto Andrade and Iv{\'a}n Ortiz and Mar{\'i}a Cazares and Gustavo Navas and S{\'a}nchez-Pazmi{\~n}o, {Mar{\'i}a Isabel}",

note = "Publisher Copyright: {\textcopyright} 2022 by the authors.",

year = "2023",

month = feb,

doi = "10.3390/g14010001",

language = "English",

volume = "14",

journal = "Games",

issn = "2073-4336",

publisher = "MDPI Multidisciplinary Digital Publishing Institute",

number = "1",

}

TY - JOUR

T1 - Defining Cyber Risk Scenarios to Evaluate IoT Systems

AU - Andrade, Roberto

AU - Ortiz, Iván

AU - Cazares, María

AU - Navas, Gustavo

AU - Sánchez-Pazmiño, María Isabel

PY - 2023/2

Y1 - 2023/2

N2 - The growth of the Internet of Things (IoT) has accelerated digital transformation processes in organizations and cities. However, it has also opened new security challenges due to the complexity and dynamism of these systems. The application of security risk analysis methodologies used to evaluate information technology (IT) systems have their limitations to qualitatively assess the security risks in IoT systems, due to the lack of historical data and the dynamic behavior of the solutions based on the IoT. The objective of this study is to propose a methodology for developing a security risk analysis using scenarios based on the risk factors of IoT devices. In order to manage the uncertainty due to the dynamics of IoT behaviors, we propose the use of Bayesian networks in conjunction with the Best Worst Method (BWM) for multi-criteria decision-making to obtain a quantitative security risk value.

AB - The growth of the Internet of Things (IoT) has accelerated digital transformation processes in organizations and cities. However, it has also opened new security challenges due to the complexity and dynamism of these systems. The application of security risk analysis methodologies used to evaluate information technology (IT) systems have their limitations to qualitatively assess the security risks in IoT systems, due to the lack of historical data and the dynamic behavior of the solutions based on the IoT. The objective of this study is to propose a methodology for developing a security risk analysis using scenarios based on the risk factors of IoT devices. In order to manage the uncertainty due to the dynamics of IoT behaviors, we propose the use of Bayesian networks in conjunction with the Best Worst Method (BWM) for multi-criteria decision-making to obtain a quantitative security risk value.

KW - Bayesian network

KW - cybersecurity

KW - IoT

KW - multi-criteria analysis

KW - risk analysis

UR - http://www.scopus.com/inward/record.url?scp=85148757971&partnerID=8YFLogxK

U2 - 10.3390/g14010001

DO - 10.3390/g14010001

M3 - Article

AN - SCOPUS:85148757971

SN - 2073-4336

VL - 14

JO - Games

JF - Games

IS - 1

M1 - 1

ER -

Defining Cyber Risk Scenarios to Evaluate IoT Systems

Resumen

Nota bibliográfica

Acceder al documento

Otros archivos y enlaces

Huella

Citar esto