Evaluating Security of IIoT Testbeds
8. The completed Testbed proposal will be brought to the IIC Steering Committee for approval.
9. Once approved, the testbed starts operating.

Ideally, the TSCG team and Testbed teams will review the security profile periodically, as technology changes and experience with the Testbed is gained. This iteration in the review process has not been put into practice yet.

CASE STUDIES

The case studies described in this section provide concrete examples of the information collected as part of the testbed security review process. The first of these is the Retail Video Analytics case study, which demonstrates the use of an architecture diagram to show trust boundaries, as well as a ranking of security threats. This case study shows a threat model generated using the STRIDE methodology.⁴ The STRIDE methodology identifies the following types of threats: spoofing, tampering, repudiation, information disclosure, denial of service, and elevation of privilege. The second case study, the Smart Factory Machine Learning case study, also shows a threat model generated using the STRIDE methodology.

Retail Video Analytics

The Retail Video Analytics Testbed personalizes the retail experience by using actionable insights in real time through the interconnection of video cameras, analytics, and machine learning algorithms. The companies participating in the testbed are NEC Corporation®, Microsoft, Brierley+Partners® and a major retail enterprise.
Figure 3 describes the testbed architecture
and trust boundaries as provided by the
testbed team. The trust boundaries are
delimited by dotted red lines. The
[Figure 3: Retail Video Analytics architecture and trust boundaries. Diagram labels: Retail Store, Retailer.]
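As an added illustration (not from the original article or the testbed teams), the sketch below applies the STRIDE-per-element chart from Shostack's book to a small constructed data flow model and lists threats on flows and elements that touch a trust-boundary crossing first. The component names, flows, and the boundary-first ordering are assumptions; only the zone names Retail Store and Retailer are taken from Figure 3.

```python
from dataclasses import dataclass

# STRIDE-per-element chart: threat types that apply to each kind of diagram element.
# (Repudiation also applies to a data store when it holds logs; omitted here.)
TID = ("Tampering", "Information disclosure", "Denial of service")
STRIDE_BY_KIND = {
    "external": ("Spoofing", "Repudiation"),
    "process": ("Spoofing", "Tampering", "Repudiation", "Information disclosure",
                "Denial of service", "Elevation of privilege"),
    "datastore": TID,
    "dataflow": TID,
}

@dataclass(frozen=True)
class Element:
    name: str
    kind: str  # "external", "process" or "datastore"
    zone: str  # trust zone (area inside one trust boundary)

def enumerate_threats(elements, flows):
    """Return (target, threat, at_boundary) rows, boundary-related rows first."""
    by_name = {e.name: e for e in elements}
    at_boundary = set()  # elements that send or receive across a trust boundary
    rows = []
    for src, dst, data in flows:
        crosses = by_name[src].zone != by_name[dst].zone
        if crosses:
            at_boundary.update((src, dst))
        label = f"{src} -> {dst} ({data})"
        rows += [(label, t, crosses) for t in STRIDE_BY_KIND["dataflow"]]
    for e in elements:
        rows += [(e.name, t, e.name in at_boundary) for t in STRIDE_BY_KIND[e.kind]]
    return sorted(rows, key=lambda r: not r[2])  # stable: keeps model order within groups

def sample_model():
    """Constructed model; component names and flows are assumptions, not the testbed's."""
    elements = [
        Element("Video camera", "external", "Retail Store"),
        Element("Video analytics", "process", "Retail Store"),
        Element("Machine learning service", "process", "Retailer"),
        Element("Insights store", "datastore", "Retailer"),
    ]
    flows = [
        ("Video camera", "Video analytics", "video frames"),
        ("Video analytics", "Machine learning service", "analytics events"),
        ("Machine learning service", "Insights store", "customer insights"),
    ]
    return elements, flows

if __name__ == "__main__":
    for target, threat, at_boundary in enumerate_threats(*sample_model()):
        print(f"{'BOUNDARY' if at_boundary else 'internal':8}  {threat:22}  {target}")
```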
⁴ Shostack, Adam. Threat Modeling: Designing for Security. John Wiley & Sons, 2014.
March 2018