Security Enforcement in IoT Systems Using Attack Trees

Attack trees are graphical representations of the different scenarios that can lead to a security failure. In this paper we propose a security-based framework for modeling IoT systems where attack trees are defined alongside the model to detect and prevent security risks in the system. A successful attack can be a rare event in the execution of a well designed system. When rare, such attacks are hard to detect with usual model checking techniques. Hence, we use importance splitting as a statistical model checking technique for rare events.