The research groups IDIS from the University of Cauca, LIFIA from the National University of La Plata, and Logiciel from the Fundación Universitaria de Popayán have published an article in the journal Tecnológicas proposing a lightweight method for specifying security scenarios by integrating requirements and architectural viewpoints in the context of IoT solutions for agriculture.

The journal Tecnológicas, Category B according to Colciencias, published the research article titled “SemIoTica: An Approach to Model Security Scenarios for IoT-Based Agriculture Software,” authored by Julio Ariel Hurtado, Leandro Antonelli, Oscar Santiago López Erazo, Adriana Gómez, Juliana Delle Ville, Giuliana Maltempo, Giovanny Zambrano, Andrés Solís, Martha Cecilia Camacho, Miguel Solinas, Gladys Kaplan, and Luis Freddy Muñoz. These authors are members of the research groups IDIS (University of Cauca), LIFIA (National University of La Plata), and Logiciel (Fundación Universitaria de Popayán).

“The article proposed a novel approach to describe security scenarios that can be used to design robust software architectures for IoT technologies in the agricultural field. IoT application developers should be concerned about security (and some other non-functional requirements), as the risk of exposing physical artifacts to intruders is considerable in this area. Additionally, it is challenging to identify threats and design countermeasures. Generally, these issues are identified when it is already too late, when an intruder exploits a vulnerability,” said Oscar Santiago López Erazo, a student in the Master’s program in Computing at the University of Cauca.

Thus, it presented a lightweight approach that begins with a description of the functional requirements. It then identifies misuse of the application to design countermeasures to address it. This article also described a prototype tool to help apply the proposed approach. The method consists of four essential steps: (i) describe scenarios for the intended software application, (ii) describe scenarios related to the previous ones but referring to incorrect use of the application, (iii) apply a set of rules to map attributes of the previous scenarios to architectural scenarios, and (iv) describe the architectural scenarios in more detail. Additionally, a preliminary evaluation of this method was also conducted.

“Agriculture is a vital human activity that contributes to sustainable development. A few decades ago, the agricultural sector introduced the Internet of Things (IoT), playing a significant role in precision and smart agriculture. IoT developments in agriculture require collaboration between multiple devices, which increases their vulnerability, primarily due to the lack of integrated security due to contextual constraints,” he adds.

Other threats to these devices concern the storage and processing of data connected to peripheral or cloud servers. To ensure that IoT solutions meet both functional and non-functional requirements, especially security requirements, software companies should adopt a security-focused approach to their software requirements specification. The goal of the article was to propose a lightweight method for specifying security scenarios by integrating requirements and architectural viewpoints in the context of IoT in agricultural solutions.

For more information:

Faculty of Electronic Engineering and Telecommunications
Email: decafiet@unicauca.edu.co