A Survey of Cybersecurity Certification for the Internet of Things-Reference-Cited by-同舟云学术

A Survey of Cybersecurity Certification for the Internet of Things

Published:2021-11-30 Issue:6 Volume:53 Page:1-36
ISSN:0360-0300
Container-title:ACM Computing Surveys
language:en
Short-container-title:ACM Comput. Surv.

Author:

Matheu Sara N.¹^ORCID,Hernández-Ramos José L.²,Skarmeta Antonio F.¹,Baldini Gianmarco²

Affiliation:

1. University of Murcia, Department of Information and Communications Engineering, Murcia, Spain

2. European Commission, Joint Research Centre, Ispra 21027, Italy

Abstract

In recent years, cybersecurity certification is gaining momentum as the baseline to build a structured approach to mitigate cybersecurity risks in the Internet of Things (IoT). This initiative is driven by industry, governmental institutions, and research communities, which have the goal to make IoT more secure for the end-users. In this survey, we analyze the current cybersecurity certification schemes, as well as the potential challenges to make them applicable for the IoT ecosystem. We also examine current efforts related to risk assessment and testing processes, which are widely recognized as the processes to build a cybersecurity certification framework. Our work provides a multidisciplinary perspective of a possible IoT cybersecurity certification framework by integrating research and technical tools and processes with policies and governance structures, which are analyzed against a set of identified challenges. This survey is intended to give a comprehensive overview of cybersecurity certification to facilitate the definition of a framework that fits in emerging scenarios, such as the IoT paradigm.

Funder

Spanish Ministry of Economy and Competitiveness

Ministry of Education and Professional Training of Spain

European Commission through the SerIoT project

ERDF funds cofinantiation through the PERSEIDES project

CyberSec4Europe

Publisher

Association for Computing Machinery (ACM)

Subject

General Computer Science,Theoretical Computer Science

Link

https://dl.acm.org/doi/pdf/10.1145/3410160

Reference187 articles.

1. European Parliament. 2016. Directive 2010/41/EU of the European Parliament and of the Council of 7 July 2010. Retrieved from https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016L11488from=EN. European Parliament. 2016. Directive 2010/41/EU of the European Parliament and of the Council of 7 July 2010. Retrieved from https://eur-lex.europa.eu/legal-content/EN/TXT/PDF/?uri=CELEX:32016L11488from=EN.

2. Cyber Security and the Internet of Things: Vulnerabilities, Threats, Intruders and Attacks

3. Model-Based Testing as a Service for IoT Platforms

Cited by 37 articles. 订阅此论文施引文献订阅此论文施引文献，注册后可以免费订阅5篇论文的施引文献，订阅后可以查看论文全部施引文献

1. Risk and threat mitigation techniques in internet of things (IoT) environments: a survey;Frontiers in the Internet of Things;2024-01-23

2. Integrating the manufacturer usage description standard in the modelling of cyber–physical systems;Computer Standards & Interfaces;2024-01

3. A Deep Learning Approach to Discover Router Firmware Vulnerabilities;IEEE Transactions on Industrial Informatics;2024-01

4. An IoT Security Risk Assessment Framework for Healthcare Environment;2023 International Symposium on Networks, Computers and Communications (ISNCC);2023-10-23

5. A Secure Ensemble Learning-Based Fog-Cloud Approach for Cyberattack Detection in IoMT;IEEE Transactions on Industrial Informatics;2023-10