IoT Security Evaluation: A Set of Strategies Combined of Inspection, Testing, and Experimentation
Abstract
IoT software systems research has significantly expanded recently, particularly with AI technologies' emergence and widespread adoption. Given their critical nature of continuous connectivity, such systems demand robust security measures. Therefore, it is fundamental to apply technologies that support their quality assurance (QA), specifically security. This thesis proposes strategies combining quality assurance technologies (software inspection, testing, and continuous experimentation) to enhance the final quality of these systems.
Keywords:
Internet of Things, Security Requirements, Continuous Experimentation, Software Inspection, Software Testing
References
Auer, F., and Felderer, M. (2018) "Current state of research on continuous experimentation: a systematic mapping study." 44th Euromicro Conference on Software Engineering and Advanced Applications (SEAA), 2018, p. 335-344.
De Paiva, B.D., De Souza, B.P., and Travassos, G. H. (2023) “CryptoComponent: um Componente de Criptografia para Sistemas de Software IoT de Baixo Custo.” In Anais Estendidos do XIV Congresso Brasileiro de Software: Teoria e Prática (pp. 90-99).
De Souza, B.P., de Paiva, B.D., and Travassos, G. H. (2023a) “Using Experimentation to Evaluate Security Requirements in IoT Software Systems.” In 2023 Symposium on Internet of Things (SIoT) (pp. 1-5).
De Souza B.P., Santos P.S., and Travassos G.H. (2023b) “On Challenges and Opportunities of Using Continuous Experimentation in the Engineering of Contemporary Software Systems.” In Proceedings of the XIX Brazilian Symposium on Information Systems 2023 May 29 (pp. 372-379).
Erthal, V.M., De Souza, B.P., dos Santos, P.S.M., and Travassos, G.H. (2023). “Characterization of continuous experimentation in software engineering: Expressions, models, and strategies.” Science of Computer Programming, 229, 102961.
ISO/IEC 27000, 2018. Information technology — Security techniques — Information security management systems — Overview and vocabulary. [link]
Mafra, S.N., Barcelos, R.F., and Travassos, G. H. (2006) “Aplicando uma metodologia baseada em evidência na definição de novas tecnologias de software.” In Anais do XX Simpósio Brasileiro de Engenharia de Software, 2006, p. 239-254. SBC.
Motta, R. C., DE Oliveira, K. M., Travassos, G. H. (2018) "On challenges in engineering IoT software systems," Proceedings of the XXXII Brazilian Symposium on Software Engineering, New York, NY, USA, ACM, 2018, p. 42–51. DOI: 10.1145/3266237.3266263
Motta, R. C., Silva, V., Travassos, G. H. (2019) “Towards a more in-depth understanding of the IoT Paradigm and its challenges.” JOURNAL OF SOFTWARE ENGINEERING RESEARCH AND DEVELOPMENT, v. 7, p. 1, 2019.
De Paiva, B.D., De Souza, B.P., and Travassos, G. H. (2023) “CryptoComponent: um Componente de Criptografia para Sistemas de Software IoT de Baixo Custo.” In Anais Estendidos do XIV Congresso Brasileiro de Software: Teoria e Prática (pp. 90-99).
De Souza, B.P., de Paiva, B.D., and Travassos, G. H. (2023a) “Using Experimentation to Evaluate Security Requirements in IoT Software Systems.” In 2023 Symposium on Internet of Things (SIoT) (pp. 1-5).
De Souza B.P., Santos P.S., and Travassos G.H. (2023b) “On Challenges and Opportunities of Using Continuous Experimentation in the Engineering of Contemporary Software Systems.” In Proceedings of the XIX Brazilian Symposium on Information Systems 2023 May 29 (pp. 372-379).
Erthal, V.M., De Souza, B.P., dos Santos, P.S.M., and Travassos, G.H. (2023). “Characterization of continuous experimentation in software engineering: Expressions, models, and strategies.” Science of Computer Programming, 229, 102961.
ISO/IEC 27000, 2018. Information technology — Security techniques — Information security management systems — Overview and vocabulary. [link]
Mafra, S.N., Barcelos, R.F., and Travassos, G. H. (2006) “Aplicando uma metodologia baseada em evidência na definição de novas tecnologias de software.” In Anais do XX Simpósio Brasileiro de Engenharia de Software, 2006, p. 239-254. SBC.
Motta, R. C., DE Oliveira, K. M., Travassos, G. H. (2018) "On challenges in engineering IoT software systems," Proceedings of the XXXII Brazilian Symposium on Software Engineering, New York, NY, USA, ACM, 2018, p. 42–51. DOI: 10.1145/3266237.3266263
Motta, R. C., Silva, V., Travassos, G. H. (2019) “Towards a more in-depth understanding of the IoT Paradigm and its challenges.” JOURNAL OF SOFTWARE ENGINEERING RESEARCH AND DEVELOPMENT, v. 7, p. 1, 2019.
Published
2025-05-12
How to Cite
SOUZA, Bruno Pedraça de.
IoT Security Evaluation: A Set of Strategies Combined of Inspection, Testing, and Experimentation. In: IBERO-AMERICAN CONFERENCE ON SOFTWARE ENGINEERING (CIBSE), 28. , 2025, Ciudad Real/Espanha.
Anais [...].
Porto Alegre: Sociedade Brasileira de Computação,
2025
.
p. 233-240.
DOI: https://doi.org/10.5753/cibse.2025.35308.
