Next Article in Journal
Homotopy Semi-Numerical Modeling of Non-Newtonian Nanofluid Transport External to Multiple Geometries Using a Revised Buongiorno Model
Previous Article in Journal / Special Issue
An Internet of Things-Based Low-Power Integrated Beekeeping Safety and Conditions Monitoring System
Open AccessArticle

Determining Information Security Threats for an IoT-Based Energy Internet by Adopting Software Engineering and Risk Management Approaches

Department of Information Management, National United University, Miaoli 36003, Taiwan
*
Author to whom correspondence should be addressed.
Inventions 2019, 4(3), 53; https://doi.org/10.3390/inventions4030053
Received: 5 July 2019 / Revised: 25 August 2019 / Accepted: 3 September 2019 / Published: 11 September 2019
(This article belongs to the Special Issue IoT and Energy Internet)
This paper introduces an information security threat modeling (ISTM) scheme, which leverages the strengths of software engineering and risk management approaches, called I-SERM. The proposed I-SERM scheme effectively and efficiently prioritizes information security threats for IT systems that utilize a large number of sensors, such as Internet of Things (IoT)-based energy systems. I-SERM operations include determining functional components, identifying associated threat types, analyzing threat items, and prioritizing key threats with the use of software engineering tools such as product flow diagrams, use case diagrams, and data flow diagrams. By simultaneously referring to a proposed STRIDE+p matrix and a defined threat breakdown structure with reference score (TBS+r) scheme, the I-SERM approach enables systematic ISTM. To demonstrate the usability of I-SERM, this study presents a practical case aimed at electricity load balancing on a smart grid. In brief, this study indicates a substantive research direction that combines the advantages of software engineering and risk management into a systematic ISTM process. In addition, the demonstration of I-SERM in practice provides a valuable and practical reference for I-SERM application, and contributes to research in the field of information security designs for IoT-based Energy Internet systems. View Full-Text
Keywords: Internet of Things; Energy Internet; threat model; software engineering; risk management Internet of Things; Energy Internet; threat model; software engineering; risk management
Show Figures

Figure 1

MDPI and ACS Style

Chen, Y.-T.; Huang, C.-C. Determining Information Security Threats for an IoT-Based Energy Internet by Adopting Software Engineering and Risk Management Approaches. Inventions 2019, 4, 53.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map by Country/Region

1
Back to TopTop