Security Metrics For Embedded Systems

The Research

I am a PhD student from Mondragon University in Spain, currently working in the Industrial Cybersecurity Team at IKERLAN in The Basque Country, Spain.

This web contais the results of the research that we are working on. For more info about me, visit my Personal Web.

Context

Embedded Systems (ES) development is still focused on providing functional capabilities rather than security. In this context, there is clearly an increasing number of security threats over ESs, and the consequences of a malicious and successful attack could cause economical, physical and even human losses. A standardized and general accepted security testing methodology is needed to provide guidance, common reporting forms and the possibility to compare the results along the time. This can be achieve introducing security metrics into the evaluation process.

Content of the web

This web contains:

1. The data used to carry out a systematic review of security metrics proposed in the literature.
2. The comparison between different criteria to assess the quality of a security metric.

This work aims to lay the foundations for further progress in the development of a methodology for the evaluation of ES security.