Measurable Security for Sensor Communication in the Internet of Things

This page provides hints on what to include in your master thesis.

= More details = Way ahead
 * 1) Establish example of an industrial system, see:
 * 2) understand Multi-Metrics Method (MM)
 * 3) "think about" criticalities and assign "numbers" for the security elements
 * 4) establish weighting parameters for the components
 * 5) perform the MM for the chosen industrial example
 * 6) perform a sensitivity analysis

Multi-Metrics Method
for a more detailed description, see IoTSec:T1.2

References
 * 1) J. Noll, I. Garitano, S. Fayyad, E.  Åsberg, H. Abie, «Measurable Security, Privacy and Dependability in Smart Grids», Journal of Cyber Security, 3_4, (2015) -> http://riverpublishers.com/journal/journal_articles/RP_Journal_2245-1439_342.pdf
 * 2) I. Garitano, S. Fayyad, J. Noll, «Multi-Metrics Approach for Security, Privacy and Dependability in Embedded Systems», Wireless Pers. Commun. 81, pp1359-1376  (2015)

Applied Multi Metrics
Take example done for Ref 2, presented in [[Media:201502Multi-Metrics_Embedded_Systems.pdf]]

Industrial Use case
see UNIK4750 7Apr - L10: Multi-Metrics Method for measurable Security J - Handouts Media:UNIK4750-L10-Multi-Metrics.pdf,

last slides from Security Semantics: Media:UNIK4750-L8-Security_Semantics.pdf Paper describing the approach: Multi Metrics Approach for Embedded Systems (.pdf on Research Gate) Media:20160407-L10-Lecture_notes.pdf Lecture notes Video Podcast: mms://lux.unik.no/UNIK4750-GK/UNIK-20160407.wmv

= TOC = Title page, abstract, ...
 * 1. Introduction, containing: short intro into the area, what is happening
 * 1.1 Motivation, containing: what triggered me to write about what I'm writing about
 * 1.2 Methods, containing: which methods are you using, how do you apply them


 * 2. Scenario, optional chapter for explaining some use cases
 * 2.1 user scenario, (bad name, needs something better), here: industrial system
 * 2.2 Requirements/Technological challenges, here: measurable security (suggest what to compare)


 * 3. State-of-the art/Analysis of technology, structure your content after hardware/SW (or other domains). Describe which technologies might be used to answer the challenges, and how they can answer the challenges
 * 3.1 Industrial Use case securities
 * Firewall, Network, Physical,....
 * 3.2 Multi-Metrics Analysis


 * 4. Implementation of Measurable Security
 * 4.1 Architecture, functional example for an industrial system
 * 4.2 Analysis and definition of criticalities
 * 4.3 Run-through example
 * which configuration provides which "level" of security


 * 5. Evaluation
 * Security sensitivity analysis, critical elements, weighting, selection of "criticalities"...
 * own evaluation, critical observations,
 * 6. Conclusions
 * References

= Comments =

Red line
Your thesis should have a "red line", which is visible throughout the whole thesis. This means you should mention in the beginning of each chapter how the chapter contributes to the "goals of the thesis".

Use of scientific methods
A thesis follows a standard method:
 * describe the problem (problemstilling)
 * extract the challenges. These challenges should be measurable, e.g. method is too slow to be useful to voice handover.
 * Analyse technology with respect to challenges. Don't write & repeat "everything" from a certain technology, concentrate on those parts (e.g. protocols) which are of importance for your problem

References
 * Wikipedia is good to use to get an overview on what is happening. But there is not scientific verification of Wikipedia, thus you should use wikipedia only in the introduction of a chapter (if you use text from wikipedia). Use scientific literature for your thesis.
 * Scientific library is "at your hand", you can get there directly from UiO: How to get access to IEEE, Springer and other scientific literature -> Unik/UiOLibrary
 * I suggest that references to web pages, e.g. OASIS, W3C standards, are given in a footnote. Only if you find white papers or other .pdf documents on a web page then you refer to them in the reference section.

Evaluation of own work
Perform an evaluation of your own work. Revisit the challenges and discuss in how you fulfilled them. Provide alternative solution and discuss what should be done (or what could have been done).