IoTSec:T3.2
From its-wiki.no
Security in IoT for Smart Grids | |||||||
---|---|---|---|---|---|---|---|
|
T3.2 Security usability
Task Title | Human/technical interface, security usability |
---|---|
WP | IoTSec:WP3 |
Lead partner | HiG |
Leader | |
Contributors | NR, ESmart Systems, NCE Smart, HiG |
edit this task |
Objective
This task will define the human/technical interface through visualisation.
Category:Task |
Deliverables in T3.2 Security usability
Title | Due month | Lead partner | Editor | Dissemination level | |
---|---|---|---|---|---|
D3.2.1 | Psychological Profiling for Risk Analysis (draft) | M24 | NTNU | Einar Snekkenes | Public |
D3.2.2 | Incentives and Usability for IoT Security (intermediate) | M36 | NTNU | Einar Snekkenes | Public |
Josef: looks like that we have changed the task fundamentally, should be reflected in an extended title:
Task 3.2 comprises the following subtasks:
- T3.2.1 - The IoTSec eco system (IoTSec PhD NN1 + HIG researcher) - suggested to be moved to T4.1
- T3.2.2 - Conflicting Incentives Risk Analysis for IoT (IoTSec PhD NN1) - like: conflicting incentives, would rather prefer to call it Incentives and Usability for IoT Security
- T3.2.3 - Impact assessment (IoTSec PostDoc NN1) - I would see impact assessment as an industrial activity rather than research
T3.2.1 - The IoTSec eco system
The objective of this subtask is to provide a common world view to ensure that those that do the research work produce results that are relevant, interesting and important to the industrial partners, and that the research partners have clearly defined ‘interfaces’ – i.e. cases and scenarios. By ensuring that the project have a commonly understood world view of interest, we establish a solid foundation for the integration of project results.
Results:
- A clearly defined scope of the project in terms of stakeholders, their interests, technological components and their functionality and interconnection. Also, a clarification of what is considered to be outside the system boundary.
Partners:
- HIG, NCE, + everybody?
Deliverables:
- Technical report
T3.2.2 - Conflicting Incentives Risk Analysis for IoT
Risk management of the interface between humans and technology in an IoT setting follows the CIRA privacy risk analysis from the PETweb II project (http://petweb2.projects.nislab.no) to the design of risk-based adaptive security and privacy.
Activities: Each scenario x (0 < x < 6) identified/constructed from T3.2.1 is addressed through the following list of activities:
- T3.2.2.x.1 Identification and analysis of privacy, cyber, information security risks for scenarios identified in T3.2.1.
- T.3.2.2.x.2 Mechanisms to modify the perceived incentive structures such as to align stakeholder interests will be developed and analysed. This task will develop a library of utility factors suitable for an IoT setting involving critical infrastructure. Furthermore, we will
- T3.2.2.x.3 Identify and construct stakeholder archetypes and strategy taxonomies matching the smart grid operator requirements.
Results:
- 1. A platform for cost effective risk analysis platform based on CIRA/PETweb II results, suitable for IoT critical infrastructure projects.
- 2. Risk analysis of the system to be used by the infrastructure operators in their decision making.
- 3. A completed PhD.
Partners: Lead HIG
Deliverables: One conference article for each of the key scenarios identified. One journal article.
T3.2.3 - Impact assessment
Objective:
- Provide estimates of the impact of IoTSec research results in economic terms in a micro economic business perspective.
Activities: Identification and analysis of issues that influence the impact of project results, including
- An analysis and mapping of economic (commercial, technological, social and regulatory) incentives to invest in security controls that improve the data integrity, privacy, and service resilience in IoT for smart grids.
- A cost-benefit analysis of smart grid technologies with respect to service resilience, security data integrity and privacy. A valuation of economic value of security measures with respect to data security and privacy at macro and micro levels.
- An assessment of existing financial instruments and development of novel financial instruments to incentivize investments in security in IoT for smart grids and to distribute the risk among the stakeholders.
Results:
- A projection of the impact of technological project results, expressed in economic terms.
Partners:
- Lead HIG, NCE, ESmart Systems.
Deliverables:
- 3 technical reports,
- 3 conference articles.