Abstract
The development of an Internet of Things (IoT) entity is a difficult process that can be performed following a System Development Life Cycle (SDLC). Two important phases of a SDLC process are verification and validation (V &V). Moreover, if we want to guarantee that trust is considered through the SDLC we have to implement it since the first phases and verify and validate its implementation during V &V. Verification usually is defined as “the system has been built right”, on the other hand validation refers to the fact that “the right system has been built”. Concerning trust, following our methodologies we can state that we can verify that “the trusted IoT entity has been built” and validate that “the right trusted IoT entity has been built”. In this paper, we propose a methodology to verify and validate requirements related to a trusted IoT entity. Following the methodology, it is possible to check if the requirements elicited in the early phases of the SDLC have been implemented in the developed functionalities. These final phases will be fundamental in order to achieve trust in the developed IoT entity.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Ackerman, A.F., Buchwald, L.S., Lewski, F.H.: Software inspections: an effective verification process. IEEE Softw. 6(3), 31–36 (1989)
Alonso-Nogueira, A., Estévez-Fernández, H., García, I.: JREM: an approach for formalising models in the requirements phase with JSON and NoSQL databases. Int. J. Comput. Inf. Eng. 11(3), 353–358 (2017)
Arthur, J.D., Dabney, J.B.: Applying standard independent verification and validation (IV &V) techniques within an agile framework: is there a compatibility issue? In: 2017 Annual IEEE International Systems Conference (SysCon), pp. 1–5. IEEE (2017)
Arthur, J.D., Nance, R.E.: Independent verification and validation: a missing link in simulation methodology? In: Proceedings Winter Simulation Conference, pp. 230–236. IEEE (1996)
Čolaković, A., Hadžialić, M.: Internet of things (IoT): a review of enabling technologies, challenges, and open research issues. Comput. Netw. 144, 17–39 (2018)
Edition, F.: Ieee guide-adoption of the project management institute (pmi®) standard a guide to the project management body of knowledge (pmbok® guide) (2011)
Erickson, J.: Trust metrics. In: International Symposium on Collaborative Technologies and Systems, CTS 2009, pp. 93–97. IEEE (2009)
Fagan, M.: Design and code inspections to reduce errors in program development. In: Broy, M., Denert, E. (eds.) Software Pioneers, pp. 575–607. Springer, Heidelberg (2002). https://doi.org/10.1007/978-3-642-59412-0_35
Fernandez-Gago, C., Moyano, F., Lopez, J.: Modelling trust dynamics in the internet of things. Infor. Sci. 396, 72–82 (2017)
Ferraris, D., Daniel, J., Fernandez-Gago, C., Lopez, J.: A segregated architecture for a trust-based network of internet of things. In: 2019 16th IEEE Annual Consumer Communications & Networking Conference (CCNC) (CCNC 2019). Las Vegas, USA, January 2019
Ferraris, D., Fernandez-Gago, C.: TrUStAPIS: a trust requirements elicitation method for IoT. Int. J. Inf. Securi. 19, 1–17 (2019)
Ferraris, D., Fernandez-Gago, C., Lopez, J.: A trust by design framework for the internet of things. In: NTMS’2018 - Security Track (NTMS 2018 Security Track). Paris, France, February 2018
Ferraris, D., Fernandez-Gago, C., Lopez, J.: A model-driven approach to ensure trust in the IoT. Hum.-Cent. Comput. Inf. Sci. 10(1), 1–33 (2020)
Food, U., Administration, D., et al.: Guideline on general principles of process validation. US FDA, Rockville (1987)
Haskins, C., Forsberg, K., Krueger, M., Walden, D., Hamelin, D.: Systems engineering handbook. In: INCOSE (2006)
Hoffman, L.J., Lawson-Jenkins, K., Blum, J.: Trust beyond security: an expanded trust model. Commun. ACM 49(7), 94–101 (2006)
Katz, P., Campbell, C.: FDA 2011 process validation guidance: process validation revisited. J. GXP Compliance 16(4), 18 (2012)
Linhares, M.V., de Oliveira, R.S., Farines, J.M., Vernadat, F.: Introducing the modeling and verification process in SysML. In: 2007 IEEE Conference on Emerging Technologies and Factory Automation (EFTA 2007), pp. 344–351. IEEE (2007)
Marche, C., Nitti, M.: Can we trust trust management systems? IoT 3(2), 262–272 (2022)
Nkuba, C.K., Kim, S., Dietrich, S., Lee, H.: Riding the IoT wave with VFuzz: discovering security flaws in smart homes. IEEE Access 10, 1775–1789 (2021)
Pavlidis, M.: Designing for trust. In: CAiSE (Doctoral Consortium), pp. 3–14 (2011)
Ponsard, C., Ramon, V.: Survey of automation practices in model-driven development and operations. Tech. rep, EasyChair (2022)
Roman, R., Najera, P., Lopez, J.: Securing the internet of things. Computer 44(9), 51–58 (2011)
Acknowledgement
This work has been supported by the Spanish Ministry of Science and Innovation Project SecureEDGE (PID2019-110565RB-I00), by the Regional Ministry of Economic Transformation, Industry, Knowledge and Universities of Andalusia SAVE (P18-TP-3724) and by the EU H2020-SU-ICT-03-2018 Project No. 830929 CyberSec4Europe (cybersec4europe.eu). Moreover, we thank Huawei Technology for their support. This work reflects only the authors view and the Research Executive Agency is not responsible for any use that may be made of the information it contains.
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2022 IFIP International Federation for Information Processing
About this paper
Cite this paper
Ferraris, D., Fernandez-Gago, C., Lopez, J. (2022). Verification and Validation Methods for a Trust-by-Design Framework for the IoT. In: Sural, S., Lu, H. (eds) Data and Applications Security and Privacy XXXVI. DBSec 2022. Lecture Notes in Computer Science, vol 13383. Springer, Cham. https://doi.org/10.1007/978-3-031-10684-2_11
Download citation
DOI: https://doi.org/10.1007/978-3-031-10684-2_11
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-031-10683-5
Online ISBN: 978-3-031-10684-2
eBook Packages: Computer ScienceComputer Science (R0)