Software Security attacks against the internet oriented computing technologies are specifically dangerous and widespread, which cause great financial and critical information loss. SIoT (Social Internet of Things) is an exciting new technology paradigm, where software intensive applications would intercommunicate with humans, other applications, and Social Media in a context aware manner. SIoT applications could offer several capabilities to customers and companies in health, education, business and numerous other fields. However, the security of software applications in paradigm under consideration is the most challenging aspect, where the stakes for personal information and critical human data is considerably high. Security breach of SIoT applications may cause an invasion into a person’s privacy and his critical data. Research in generic software engineering shows that approximately 50% software vulnerabilities (i.e. exploitable weaknesses) remain unresolved and cause threat to the user community. This rate is even higher for a newborn paradigm of SIoT as the interdisciplinary nature of this technology is bound to introduce emergent vulnerabilities. Therefore, trustable SIoT applications could not be developed before comprehensive paradigm specific Security Engineering is done.
The primary aim of this research project is therefore to analyze the SIoT architecture for uncovering the unique and emergent software intensive SIoT security vulnerabilities, intrusions and threats that could occur in heterogeneous scenarios. Afterwards a comprehensive Security Requirements Engineering framework would be established to prevent software related security vulnerabilities from entering into software design and development processes. The solution would incorporate use of Security Requirements Engineering methods and techniques so that the security hitches must be captured and eliminated in the initial phase of software development for SIoT.
DAAD, 2015-2016