Skip to Main content Skip to Navigation
Conference papers

Verifying the Application of Security Measures in IoT Software Systems with Model Learning

Abstract : Most of today's software systems log events to record the events that have occurred in the past. Such logs are particularly useful for auditing security over time. But, the growing sizes and lack of abstraction of the logs make them difficult to interpret manually. This paper proposes an approach combining model learning and model checking to help audit the security of IoT software systems. This approach takes as inputs an event log and generic security measures described with LTL formulas. It generates one formal model for every component of an IoT system and helps auditors make the security measures concrete in order to check if the models satisfy them. The LTL formula instantiation is semi-automatically performed by means of an expert system and inference rules that encode some expert knowledge, which can be applied again to the same kind of systems with less efforts. We evaluate our approach on 3 IoT systems against 11 security measures provided by the European ENISA institute.
Complete list of metadata
Contributor : Sébastien Salva Connect in order to contact the contributor
Submitted on : Wednesday, December 9, 2020 - 12:03:31 PM
Last modification on : Wednesday, February 24, 2021 - 4:24:03 PM
Long-term archiving on: : Wednesday, March 10, 2021 - 7:04:31 PM


Files produced by the author(s)


Distributed under a Creative Commons Attribution 4.0 International License




Sébastien Salva, Elliot Blot. Verifying the Application of Security Measures in IoT Software Systems with Model Learning. 15th International Conference on Software Technologies, Jul 2020, Lieusaint - Paris, France. pp.350-360, ⟨10.5220/0009872103500360⟩. ⟨hal-03048356⟩



Record views


Files downloads