Disputation: Manish Shrestha
M.sc. Manish Shrestha by the Department of Technology Systems will be defending his thesis:
LightSC: A light-weight security classification methodology to design and evaluate security of IoT systems
for the degree of Philosophiae Doctor.
The PhD defence will be fully digital and streamed directly using Zoom. The host of the session will moderate the technicalities while the chair of the defence will moderate the disputation.
Ex auditorio questions: the chair of the defence will invite the audience to ask ex auditorio questions either written or oral. This can be requested by clicking 'Participants -> Raise hand'.
Privacy-preserving Machine Learning: Overview and discussion of privacy-enhancing technical approaches for privacy challenges with ML
Main research findings
The Internet of Things (IoT) emerged with purely functional purposes providing sensing, connectivity, and control features at a lower cost with little concern for security.
However, the increasing number of cyber-attacks and wider adoption of IoT systems in diverse domains have raised security and privacy challenges. Despite available mechanisms, several IoT systems still lack adequate security implementation. We observed that current security approaches are expensive, time-consuming, and are substantially dependent on security experts and thus are not feasible for low-cost consumer IoT systems. Therefore, this thesis proposes a new goal-based, light-weight methodology called LightSC for IoT systems. The LightSC is tailored for non-security-experts, who can select appropriate connectivity and security mechanisms to obtain the desired security level in their system. We also have proposed a tool to support to make the LightSC methodology, which can be integrated into a DevSecOps tool-chain. DevSecOps refers to a set of practices of integrating development, security, and operation to streamline the system development life cycle process.
The LightSC tool was evaluated by real stakeholders (mostly non-experts) by successfully applying it to nineteen different IoT systems. We believe that our work will help industries to design and develop secure IoT systems, regulatory bodies to establish and enforce security regulations, and end-users to become aware of selecting adequately secure IoT products.
For more information
Ida Elisabeth Rydning, email@example.com
Technician, Arild Hemstad, firstname.lastname@example.org