DOI: 10.1145/3461001.3473061 (ACM conference proceedings, short paper)

The architectural divergence problem in security and privacy of eHealth IoT product lines

Published: 06 September 2021

Abstract

The Internet of Things (IoT) is becoming seamlessly integrated into many aspects of daily life; in healthcare, it takes the shape of eHealth IoT systems. Evidently, the design of such systems must apply security and privacy best practices, in addition to ensuring compliance with various national and international regulations. When it comes to the required functionality, commonalities and variations can be managed effectively in a product line approach, in which specific application architecture variants are derived from a common reference architecture.
This paper illustrates and discusses a specific problem encountered in establishing a software product line in this context: adopting systematic security and privacy threat modeling and risk assessment approaches introduces a variation space that is very difficult to capture in a proactive product-line approach. One of the main causes is that threat assessment itself suffers from threat explosion, i.e. a combinatorial explosion of threats that have to be investigated and systematically mitigated. This divergence of security and privacy threats across architectural variants is illustrated in the specific case of an industry IoT-based eHealth software product line.


Cited By

  • (2024) Run-time threat models for systematic and continuous risk assessment. Software and Systems Modeling. DOI: 10.1007/s10270-024-01242-5. Online publication date: 6 Dec 2024.
  • (2022) In three steps to software product lines. Proceedings of the 26th ACM International Systems and Software Product Line Conference - Volume A, 170-177. DOI: 10.1145/3546932.3547003. Online publication date: 12 Sep 2022.

Published In

cover image ACM Conferences
SPLC '21: Proceedings of the 25th ACM International Systems and Software Product Line Conference - Volume A
September 2021
239 pages
ISBN:9781450384698
DOI:10.1145/3461001

Publisher

Association for Computing Machinery

New York, NY, United States

Acceptance Rates

Overall Acceptance Rate 167 of 463 submissions, 36%
