Developing Cybersecurity Capability Forensic Risk Modelling for the Internet of Things
MetadataShow full metadata
The Internet of Things (IoT) has grown from a buzz word into a reality that touches everyone’s lives in different ways, from vehicle automation to air conditioning. In this research the question: “What factors improve Risk Maturity Modelling for the Internet of Things?” is used to guide the research. The research problem is the general confusion of terminology and classification of the Internet of Things (IoT) devices and their function in the current literature. Risk identification requires clarity of object definition before the associated risks may be evaluated. Hence, this research builds a semantic engine to broker IoT documents and to specify objects by abstract contextual definitions according to the particular ecosystem. The purpose is to provide business decision-makers with an expert tool for rapid but accurate IoT risk identification. The value of the tool is that the business can apply the tool and determine the risk position without requiring an in-depth knowledge of an IoT device functionality or description, regardless of the device application. At present the IoT risk context has not been explored in a fashion to establish capability maturity models that suit post event evaluation. In this research the focus is on post event readiness to fill a literature gap that is largely absent from system and device development security literature. The IoT domain is unstable and evolving and the literature is still immature. The observed problem is a lack of appropriate terminology to describe aspects of IoT devices and their functionality, which currently produces a confused mix of semantics. In this research the problems are rationalized into a plan for investigation and the development of a solution. The Design Science methodology is adopted to build a working solution as a prototype for IoT post event risk evaluation. It accepts three inputs that concern the current system state. A semantic engine then processes the three input types and formulates current taxonomies. The capability maturity model then receives the taxonomies and computes the relative maturity levels. This information is a solution to the IoT problem and benefits decision-makers who wish to manage risk and to optimize system forensic readiness. The deliverable from the research is a prototype instantiation. The prototype takes a selected information input, in the form of a text vocabulary information accumulation. The text input is then parsed through the semantic engine process to provide a risk maturity output. The prototype has been tested manually (Chapter four) on three disparate IoT case studies and then automated (Chapter six) (Maroochy, Target, and Tesla). The application of the prototype instantiation to each of the three test cases successfully presents a risk maturity analysis. The prototype, as a Proof-of-Concept, demonstrates utility, and is functional as an expert system. It is a sophisticated solution to the problem statement. However, the core of the prototype is a theoretical design principle, which always delivers an unfinished output. Hence, the current research gives starting points for future research and artefact development for commercialization. The Proof-of-Concept output is designed to lay a foundation for future stages of research. The recommendations focus upon new variations in different domain areas, in terms of Proof-of-Value, and the future operational feasibility, in terms of Proof-of-Use. Proof-of-Use will recommend further research into wider generalizations for different IoT domain areas such as the finance sector, the health industry and so on. Recommended future research into Proof-of-Value is toward the functional development of iterative enhancements, investigating specifications for practical use, specifically targeting workplace outcomes and commercialization opportunities.