SIOT-RIMM: Towards Secure IOT-Requirement Implementation Maturity Model

It is very crucial for an organization to encapsulate the requirements in its early stage when they are intending to build a novel system such as the internet of things (IoT), particularly when it comes to capturing privacy and security requirements to gain the public confidence. The proposed research is focused to develop a secure IoT-requirement implementation maturity model (SIOT-RIMM). The proposed model will assist the software development organizations to improve and modify their requirement engineering processes in terms of security and privacy of IoT. The SIOT-RIMM model will be developed based on the existing IoT literature pertaining to security and privacy, industrial empirical study and understanding of the challenges that could negatively influence the implementation of security and privacy in IoT. To develop the maturity levels of SIOT-RIMM, we will consider the concepts of existing maturity models of other software engineering domains. In this preliminary study, 19 challenges were identified using the SLR approach that might have a negative impact on the IoT requirements engineering process. The identified challenges will contribute to the development of SIOT-RIMM maturity levels.

[1]  Isabel Wagner,et al.  Privacy in the Smart City—Applications, Technologies, Challenges, and Solutions , 2018, IEEE Communications Surveys & Tutorials.

[2]  Srivaths Ravi,et al.  Security as a new dimension in embedded system design , 2004, Proceedings. 41st Design Automation Conference, 2004..

[3]  Christine Nadel,et al.  Case Study Research Design And Methods , 2016 .

[4]  S. Geertman,et al.  The development of smart cities in China , 2015 .

[5]  Niraj K. Jha,et al.  A Comprehensive Study of Security of Internet-of-Things , 2017, IEEE Transactions on Emerging Topics in Computing.

[6]  Gary McGraw,et al.  The Building Security in Maturity Model ({BSIMM}) , 2009 .

[7]  Mahmood Niazi,et al.  A preliminary structure of software outsourcing vendors' readiness model , 2010, PROFES '10.

[8]  Michael Howard,et al.  The security development lifecycle : SDL, a process for developing demonstrably more secure software , 2006 .

[9]  Basel Alomair,et al.  Efficient Authentication for Mobile and Pervasive Computing , 2010, IEEE Transactions on Mobile Computing.

[10]  Pearl Brereton,et al.  Performing systematic literature reviews in software engineering , 2006, ICSE.

[11]  Sikandar Ali,et al.  Software outsourcing partnership model: An evaluation framework for vendor organizations , 2016, J. Syst. Softw..

[12]  Vangelis Metsis,et al.  IoT Middleware: A Survey on Issues and Enabling Technologies , 2017, IEEE Internet of Things Journal.

[13]  Jalal Al-Muhtadi,et al.  Internet of Things Security based on Devices Architecture , 2016 .

[14]  Mohammad Shameem,et al.  Investigation of Project Administration related challenging factors of Requirements Change Management in global software development: A systematic literature review , 2018, 2018 International Conference on Computing, Electronic and Electrical Engineering (ICE Cube).

[15]  Luigi Alfredo Grieco,et al.  Security, privacy and trust in Internet of Things: The road ahead , 2015, Comput. Networks.

[16]  AliSikandar,et al.  Software outsourcing partnership model , 2016 .

[17]  Martin Gilje Jaatun,et al.  Security Requirements for the Rest of Us: A Survey , 2008, IEEE Software.

[18]  Arif Ali Khan,et al.  Investigation of the requirements change management challenges in the domain of global software development , 2019, J. Softw. Evol. Process..

[19]  Jing Yao,et al.  A Privacy-Preserving Data Obfuscation Scheme Used in Data Statistics and Data Mining , 2013, 2013 IEEE 10th International Conference on High Performance Computing and Communications & 2013 IEEE International Conference on Embedded and Ubiquitous Computing.

[20]  Arif Ali Khan,et al.  Improving the Quality of Software Development Process by Introducing a New Methodology–AZ-Model , 2018, IEEE Access.

[21]  Michael Daskalantonakis,et al.  Achieving higher SEI levels , 1994, IEEE Software.

[22]  Mireille Hildebrandt,et al.  Defining Profiling: A New Type of Knowledge? , 2008, Profiling the European Citizen.

[23]  Sufian Hameed,et al.  Understanding Security Requirements and Challenges in Internet of Things (IoT): A Review , 2019, J. Comput. Networks Commun..

[24]  Didar Zowghi,et al.  A Maturity Model for the Implementation of Software Process Improvement: an Empirical Study , 2022 .

[25]  D. Skiba The Internet of Things (IoT). , 2013, Nursing education perspectives.

[26]  Mohsen Guizani,et al.  Smart Cities: A Survey on Data Management, Security, and Enabling Technologies , 2017, IEEE Communications Surveys & Tutorials.

[27]  Siffat Ullah Khan,et al.  Software outsourcing vendors' readiness model (SOVRM) , 2011 .

[28]  Carlos Serrao,et al.  Web application security: Improving critical web-based applications quality through in-depth security analysis , 2011, International Conference on Information Society (i-Society 2011).

[29]  Gary Davis 2020: Life with 50 billion connected devices , 2018, 2018 IEEE International Conference on Consumer Electronics (ICCE).

[30]  Gang Gan,et al.  Internet of Things Security Analysis , 2011, 2011 International Conference on Internet Technology and Applications.

[31]  Sugata Sanyal,et al.  Survey of Security and Privacy Issues of Internet of Things , 2015, ArXiv.

[32]  Mukund Chaudhary,et al.  CMMI for Development , 2017 .

[33]  Gergely Trifonov Reducing the number of security vulnerabilities in web applications by improving software quality , 2009, 2009 5th International Symposium on Applied Computational Intelligence and Informatics.

[34]  Lei Cui,et al.  Security and Privacy in Smart Cities: Challenges and Opportunities , 2018, IEEE Access.