Performance evaluation of the SRE and SBPG components of the IoT hardware platform security advisor framework

Abstract The applications of Internet of Things (IoT) and associated technologies have been spreading rapidly across a wide range of domains, including environmental monitoring, home automation, and supply chain, having a significant bearing on the social and economic well-being of humans as well as enhancing environmental sustainability. In recent years, however, there have been several data breaches and other security and privacy incidents involving IoT devices, which have attracted significant attention from the research community in both academia and industry. This has resulted in a surge of proposals put forward by many researchers, including IoT blockchain-based security solutions, IoT intrusion detection systems, IoT authentication systems, and IoT security analytics. While these proposals are aimed at addressing various IoT security and privacy-related issues, many of these solutions arguably seem not to focus on helping designers and developers with little or no security expertise in start-up companies to produce secure IoT systems. To this end, the IoT Hardware Platform Security Advisor (IoT-HarPSecA) framework was proposed to foster the design and implementation of secure IoT systems. In this paper, we present the performance and usability evaluation of the Security Requirements Elicitation (SRE) and Security Best Practice Guidelines (SBPG) component tools of IoT-HarPSecA, which are two of the three component tools of the security framework. Results show that the two components of the IoT-HarPSecA framework can facilitate the development of secure IoT systems and that the SRE and SBPG tools are easy to use.