LIST OF FIGURES
LIST OF TABLES
FOREWORD
PREFACE
ACKNOWLEDGMENTS
CONTRIBUTORS
ACRONYMS
INTRODUCTION

PART I EMBEDDED DESIGN SECURITY

1 CERTIFIED SECURITY BY DESIGN FOR THE INTERNET OF THINGS
Shiu-Kai Chin
  1.1 Introduction
  1.2 Lessons from the Microelectronics Revolution
  1.3 Certified Security by Design
  1.4 Chapter Outline
  1.5 An Access-Control Logic
  1.6 An Introduction to HOL
  1.7 The Access-Control Logic in HOL
  1.8 Cryptographic Components and Their Models in Higher-Order Logic
  1.9 Cryptographic Hash Functions
  1.10 Asymmetric-Key Cryptography
  1.11 Digital Signatures
  1.12 Adding Security to State Machines
  1.13 A Networked Thermostat Certified Secure by Design
  1.14 Thermostat Use Cases
  1.15 Security Contexts for the Server and Thermostat
  1.16 Top-Level Thermostat Secure-State Machine
  1.17 Refined Thermostat Secure-State Machine
  1.18 Equivalence of Top-Level and Refined Secure-State Machines
  1.19 Conclusions
  Appendix
  References

2 CYBER-ASSURANCE THROUGH EMBEDDED SECURITY FOR THE INTERNET OF THINGS
Tyson T. Brooks and Joon Park
  2.1 Introduction
  2.2 Cyber-Security and Cyber-Assurance
  2.3 Recognition, Fortification, Re-Establishment, Survivability
  2.4 Conclusion
  References

3 A SECURE UPDATE MECHANISM FOR INTERNET OF THINGS DEVICES
Martin Goldberg
  3.1 Introduction
  3.2 Importance of IOT Security
  3.3 Applying the Defense In-Depth Strategy for Updating
  3.4 A Standards Approach
  3.5 Conclusion
  References

PART II TRUST IMPACT

4 SECURITY AND TRUST MANAGEMENT FOR THE INTERNET OF THINGS: AN RFID AND SENSOR NETWORK PERSPECTIVE
M. Bala Krishna
  4.1 Introduction
  4.2 Security and Trust in the Internet of Things
  4.3 Radio Frequency Identification: Evolution and Approaches
  4.4 Security and Trust in Wireless Sensor Networks
  4.5 Applications of Internet of Things and RFID in Real-Time Environment
  4.6 Future Research Directions and Conclusion
  References

5 THE IMPACT OF IoT DEVICES ON NETWORK TRUST BOUNDARIES
Nicole Newmeyer
  5.1 Introduction
  5.2 Trust Boundaries
  5.3 Risk Decisions and Conclusion
  References

PART III WEARABLE AUTOMATION PROVENANCE

6 WEARABLE IoT COMPUTING: INTERFACE, EMOTIONS, WEARER'S CULTURE, AND SECURITY/PRIVACY CONCERNS
Robert McCloud, Martha Lerski, Joon Park, and Tyson T. Brooks
  6.1 Introduction
  6.2 Data Accuracy in Wearable Computing
  6.3 Interface and Culture
  6.4 Emotion and Privacy
  6.5 Privacy Protection Policies for Wearable Devices
  6.6 Privacy/Security Concerns About Wearable Devices
  6.7 Expectations About Future Wearable Devices
  References

7 ON VULNERABILITIES OF IoT-BASED CONSUMER-ORIENTED CLOSED-LOOP CONTROL AUTOMATION SYSTEMS
Martin Murillo
  7.1 Introduction
  7.2 Industrial Control Systems and Home Automation Control
  7.3 Vulnerability Identification
  7.4 Modeling and Simulation of Basic Attacks to Control Loops and Service Providers
  7.5 Illustrating Various Attacks Through a Basic Home Heating System Model
  7.6 A Glimpse of Possible Economic Consequences of Addressed Attacks
  7.7 Discussion and Conclusion
  References

8 BIG DATA COMPLEX EVENT PROCESSING FOR INTERNET OF THINGS PROVENANCE: BENEFITS FOR AUDIT, FORENSICS, AND SAFETY
Mark Underwood
  8.1 Overview of Complex Event Processing
  8.2 The Need: IoT Security Challenges in Audit, Forensics, and Safety
  8.3 Challenges to CEP Adoption in IoT Settings
  8.4 CEP and IoT Security Visualization
  8.5 Summary
  8.6 Conclusion
  References

PART IV CLOUD ARTIFICIAL INTELLIGENCE CYBER-PHYSICAL SYSTEMS

9 A STEADY-STATE FRAMEWORK FOR ASSESSING SECURITY MECHANISMS IN A CLOUD-OF-THINGS ARCHITECTURE
Tyson T. Brooks and Lee McKnight
  Variable Nomenclature
  9.1 Introduction
  9.2 Background
  9.3 Establishing a Framework for CoT Analysis
  9.4 The CoT Steady-State Framework
  9.5 Conclusion
  References

10 AN ARTIFICIAL INTELLIGENCE PERSPECTIVE ON ENSURING CYBER-ASSURANCE FOR THE INTERNET OF THINGS
Utku Köse
  10.1 Introduction
  10.2 AI-Related Cyber-Assurance Research for the IoT
  10.3 Multidisciplinary Intelligence Enabling Opportunities with AI
  10.4 Future Research on AI-Based Cyber-Assurance for IoT
  10.5 Conclusion
  References

11 PERCEIVED THREAT MODELING FOR CYBER-PHYSICAL SYSTEMS
Christopher Leberknight
  11.1 Introduction
  11.2 Overview of Physical Security
  11.3 Relevance to Grounded Theory
  11.4 Theoretical Model Construction
  11.5 Experiment
  11.6 Results
  11.7 Discussion
  11.8 Future Research
  11.9 Conclusion
  References

APPENDICES
  A LIST OF IEEE INTERNET OF THINGS STANDARDS
  B GLOSSARY
  C CSBD THERMOSTAT REPORT
  D CSBD ACCESS-CONTROL LOGIC REPORT

BIBLIOGRAPHY
INDEX