A.S. Nasser, M. Riegler, J. Rozenblit: Towards Strategies for Secure Data Transfer of IoTDevices with Limited Resources, 33rd DEXA Conferences and Workshops, Dexa 2022, Vienna Austria, August 22-24.2022. Doi: 10.1007/978-3-031-14343-4_30

Many Cyber Physical Systems (CPSs) and Internet ofThings (IoT) devices are constrained in terms of computation speed, memory, power, area and bandwidth. As they interact with the physical world, various aspects such as safety, security, and privacy should be considered while processing personal data. Systems should continue operating even under harsh conditions and when the network connections (e.g., to the cloud) are lost. If that happens and the storage capacity is limited, sensor data may be overwritten irrevocably.This paper presents preliminary ideas and the planned research methodology to examine and define strategies to secure the data transfer from IoT devices which have limitations to edge devices and the cloud, and to overcome the situation when a device loses its connection to prevent data loss. Context-aware Security Modes for Medical Devices Medical devices require the provision of life-critical functionality even under adverse conditions. We imagine to model (at design time) and to switch (at run-time) security modes in a self-adaptive way, thus, reducing attack surfaces in case of a malfunction, attack, or when vulnerabilities become known. Modes return back to normal when patches are provided and installed. Context-aware devices can resiliently provide a degraded mode of operation with a smaller attack surface instead of completely disabling the whole system and/or a devicerecall. Healthcare organizations and patients should actively protect themselves by implicitly or explicitly switching to modes with reduced attack surfaces and, thus, limited ranges of activity for attackers. We use simulation to check all circumstances and these lf-healing functionality to return to normal mode again. In this paper, we present our ongoing work to make medical devices more secure. We discuss how mode scan support that, how they are defined and which challenges they provide in order to secure medical devices.

Towards Strategies for Secure Data Transfer of IoT Devices with Limited Resources