@inproceedings{8a34a92ea5f4446eb69d6e625ba2b7dd,
title = "Risk management in embedded devices using metering applications as example",
abstract = "Along with the rise in use of everyday life electronic products that collect and communicate personal data, there is an increasing need for adequate security. The use of ultra-low-power MCUs in such applications provides a clear ad-vantage in terms of energy consumption. However, given their general-purpose nature and low-power needs, security has not been the main focus in the past. This work places emphasis on methodologically analyzing open security gaps at a system level and providing a score for each vulnerability found. Such vulnerability scores help prioritize the efforts towards building a secure system and balancing the trade-off between suitable protection and minimal cost. The work presented uses as an example an abstraction of metering applications implemented using a general purpose microcontroller. The presented approach makes use of the Common Vulnerability Scoring System open framework to quantify the impact of possible vulnerabilities and prioritize their re-mediation based on their relevancy.",
keywords = "CVSS, Embedded devices, Metering, Risk management, Security",
author = "Guillen, \{Oscar M.\} and Ralf Brederlow and Ralph Ledwa and Georg Sigl",
year = "2014",
month = oct,
day = "12",
doi = "10.1145/2668322.2668328",
language = "English",
series = "Proceedings of the 9th Workshop on Embedded Systems Security, WESS 2014",
publisher = "Association for Computing Machinery",
booktitle = "Proceedings of the 9th Workshop on Embedded Systems Security, WESS 2014",
note = "9th Workshop on Embedded Systems Security, WESS 2014 ; Conference date: 12-10-2014 Through 17-10-2014",
}