{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,8]],"date-time":"2026-01-08T18:57:16Z","timestamp":1767898636974,"version":"3.49.0"},"reference-count":36,"publisher":"Association for Computing Machinery (ACM)","issue":"4","license":[{"start":{"date-parts":[[2021,5,29]],"date-time":"2021-05-29T00:00:00Z","timestamp":1622246400000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"name":"Austrian Research Promotion Agency","award":["859475"],"award-info":[{"award-number":["859475"]}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":["ACM Trans. Embed. Comput. Syst."],"published-print":{"date-parts":[[2021,7,31]]},"abstract":"With the advent of the Internet of Things (IoT) and Cyber-Physical Systems (CPS), embedded devices have been gaining importance in our daily lives, as well as industrial processes. Independent of their usage, be it within an IoT system or a CPS, embedded devices are always an attractive target for security attacks, mainly due to their continuous network availability and the importance of the data they handle. Thus, the design of such systems requires a thorough consideration of the various security constraints they are liable to. Introducing these security constraints, next to other requirements, such as power consumption, and performance increases the number of design choices a system designer must consider. As the various constraints are often conflicting with each other, designers face the complex task of balancing them. System designers facilitate Design Space Exploration (DSE) tools to support a system designer in this job. However, available DSE tools only offer a limited way of considering security constraints during the design process. In this article, we introduce a novel DSE framework, which allows the consideration of security constraints, in the form of attack scenarios, and attack mitigations in the form of security tasks. Based on the descriptions of the system\u2019s functionality and architecture, possible attacks, and known mitigation techniques, the framework finds the optimal design for a secure IoT device or CPS. Our framework\u2019s functionality and its benefits are shown based on the design of a secure sensor system.<\/jats:p>","DOI":"10.1145\/3430372","type":"journal-article","created":{"date-parts":[[2021,5,30]],"date-time":"2021-05-30T01:14:27Z","timestamp":1622337267000},"page":"1-24","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":14,"title":["Design Space Exploration for Secure IoT Devices and Cyber-Physical Systems"],"prefix":"10.1145","volume":"20","author":[{"ORCID":"https:\/\/orcid.org\/0000-0002-0306-4363","authenticated-orcid":false,"given":"Lukas","family":"Gressl","sequence":"first","affiliation":[{"name":"Institute of Technical Informatics, Graz University of Technology"}]},{"given":"Christian","family":"Steger","sequence":"additional","affiliation":[{"name":"Institute of Technical Informatics, Graz University of Technology"}]},{"given":"Ulrich","family":"Neffe","sequence":"additional","affiliation":[{"name":"NXP Semiconductors Austria GmbH"}]}],"member":"320","published-online":{"date-parts":[[2021,5,29]]},"reference":[{"key":"e_1_2_1_1_1","volume-title":"Common Criteria for Information Technology Security Evaluation Part 2.","unstructured":"2012. Common Criteria for Information Technology Security Evaluation Part 2. Retrieved from https:\/\/doi.org\/10.1016\/S0168-3659(03)00201-3. 2012. Common Criteria for Information Technology Security Evaluation Part 2. Retrieved from https:\/\/doi.org\/10.1016\/S0168-3659(03)00201-3."},{"key":"e_1_2_1_2_1","first-page":"499","article-title":"Cyber-security incidents: A review cases in cyber-physical systems","volume":"9","author":"Mohammed Nasser","year":"2018","unstructured":"Mohammed Nasser Al-mhiqani, Rabiah Ahmad , Warusia Yassin , Aslinda Hassan , Zaheera Zainal Abidin , Nabeel Salih Ali , and Karrar Hameed Abdulkareem . 2018 . Cyber-security incidents: A review cases in cyber-physical systems . Int. J. Adv. Comput. Sci. Appl 9 , 1 (2018) 499 \u2013 508 . Mohammed Nasser Al-mhiqani, Rabiah Ahmad, Warusia Yassin, Aslinda Hassan, Zaheera Zainal Abidin, Nabeel Salih Ali, and Karrar Hameed Abdulkareem. 2018. Cyber-security incidents: A review cases in cyber-physical systems. Int. J. Adv. Comput. Sci. Appl 9, 1 (2018) 499\u2013508.","journal-title":"Int. J. Adv. Comput. Sci. Appl"},{"key":"e_1_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/586110.586140"},{"key":"e_1_2_1_4_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.ins.2013.02.036"},{"key":"e_1_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.5555\/1444455.1446067"},{"key":"e_1_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.7873\/DATE2014.020"},{"key":"e_1_2_1_7_1","volume-title":"Proceedings of the 14th International Conference on Systems (ICONS\u201919)","author":"Gressl Lukas","year":"2019","unstructured":"Lukas Gressl , Christian Steger , and Ulrich Neffe . 2019 . A security aware design space exploration framework . In Proceedings of the 14th International Conference on Systems (ICONS\u201919) . ThinkMind(TM) Digital Library, Valencia, Spain. Lukas Gressl, Christian Steger, and Ulrich Neffe. 2019. A security aware design space exploration framework. In Proceedings of the 14th International Conference on Systems (ICONS\u201919). ThinkMind(TM) Digital Library, Valencia, Spain."},{"key":"e_1_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/FDL.2019.8876944"},{"key":"e_1_2_1_9_1","volume-title":"A survey of algorithms for real-time bayesian network inference. Pap. Wkshp. Real-Time Decis. Supp. Diagn. Syst.1","author":"Guo Haipeng","year":"2002","unstructured":"Haipeng Guo and William Hsu . 2002. A survey of algorithms for real-time bayesian network inference. Pap. Wkshp. Real-Time Decis. Supp. Diagn. Syst.1 ( 2002 ). Haipeng Guo and William Hsu. 2002. A survey of algorithms for real-time bayesian network inference. Pap. Wkshp. Real-Time Decis. Supp. Diagn. Syst.1 (2002)."},{"key":"e_1_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.23919\/DATE.2018.8342007"},{"key":"e_1_2_1_11_1","article-title":"Causal independence for probability assessment and inference using Bayesian networks","volume":"26","author":"Heckerman David","year":"1996","unstructured":"David Heckerman and John S. Breese . 1996 . Causal independence for probability assessment and inference using Bayesian networks . IEEE Trans. Syst. Man Cybernet. A: Syst. Hum. 26 , 6 (1996). DOI:https:\/\/doi.org\/10.1109\/3468.541341 David Heckerman and John S. Breese. 1996. Causal independence for probability assessment and inference using Bayesian networks. IEEE Trans. Syst. Man Cybernet. A: Syst. Hum. 26, 6 (1996). DOI:https:\/\/doi.org\/10.1109\/3468.541341","journal-title":"IEEE Trans. Syst. Man Cybernet. A: Syst. Hum."},{"key":"e_1_2_1_12_1","unstructured":"Shawn Hernan Scott Lambert Tomasz Ostwald and Adam Shostack. 2006. Threat modeling-uncover security design flaws using the stride approach. MSDN Mag. (2006) 68\u201375. Shawn Hernan Scott Lambert Tomasz Ostwald and Adam Shostack. 2006. Threat modeling-uncover security design flaws using the stride approach. MSDN Mag. (2006) 68\u201375."},{"key":"e_1_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.7873\/DATE.2013.355"},{"key":"e_1_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/1062455.1062519"},{"key":"e_1_2_1_15_1","doi-asserted-by":"publisher","DOI":"10.1109\/SecDev.2016.017"},{"key":"e_1_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.5220\/0006119603020311"},{"key":"e_1_2_1_18_1","doi-asserted-by":"publisher","DOI":"10.1109\/DESEC.2017.8073874"},{"key":"e_1_2_1_19_1","volume-title":"Security-Aware Design for Cyber-Physical Systems","author":"Lin Chumg-Wei","unstructured":"Chumg-Wei Lin and Alberto Sangiovanni-Vincentelli . 2017. Security-Aware Design for Cyber-Physical Systems . Springer . Chumg-Wei Lin and Alberto Sangiovanni-Vincentelli. 2017. Security-Aware Design for Cyber-Physical Systems. Springer."},{"key":"e_1_2_1_20_1","volume-title":"Proceedings of the IEEE\/ACM International Conference on Computer-Aided Design, Digest of Technical Papers (ICCAD\u201915)","author":"Lin Chung Wei","year":"2015","unstructured":"Chung Wei Lin , Qi Zhu , and Alberto Sangiovanni-Vincentelli . 2015 . Security-aware mapping for TDMA-based real-Time distributed systems . In Proceedings of the IEEE\/ACM International Conference on Computer-Aided Design, Digest of Technical Papers (ICCAD\u201915) , 24\u201331. DOI:https:\/\/doi.org\/10.1109\/ICCAD.2014.7001325 Chung Wei Lin, Qi Zhu, and Alberto Sangiovanni-Vincentelli. 2015. Security-aware mapping for TDMA-based real-Time distributed systems. In Proceedings of the IEEE\/ACM International Conference on Computer-Aided Design, Digest of Technical Papers (ICCAD\u201915), 24\u201331. DOI:https:\/\/doi.org\/10.1109\/ICCAD.2014.7001325"},{"key":"e_1_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1109\/LES.2014.2354011"},{"key":"e_1_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1120725.1120873"},{"key":"e_1_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.1145\/2831232"},{"key":"e_1_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/DATE.2010.5457211"},{"key":"e_1_2_1_25_1","volume-title":"Proceedings of the IEEE International Conference on Engineering of Complex Computer Systems (ICECCS\u201918)","author":"Pagliari Lorenzo","year":"2018","unstructured":"Lorenzo Pagliari , Raffaela Mirandola , and Catia Trubiani . 2018 . Multi-modeling approach to performance engineering of cyber-physical systems design . In Proceedings of the IEEE International Conference on Engineering of Complex Computer Systems (ICECCS\u201918) . DOI:https:\/\/doi.org\/10.1109\/ICECCS.2017.22 Lorenzo Pagliari, Raffaela Mirandola, and Catia Trubiani. 2018. Multi-modeling approach to performance engineering of cyber-physical systems design. In Proceedings of the IEEE International Conference on Engineering of Complex Computer Systems (ICECCS\u201918). DOI:https:\/\/doi.org\/10.1109\/ICECCS.2017.22"},{"key":"e_1_2_1_26_1","doi-asserted-by":"publisher","DOI":"10.1109\/TDSC.2011.34"},{"key":"e_1_2_1_27_1","doi-asserted-by":"publisher","DOI":"10.1145\/3023973.3023977"},{"key":"e_1_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1109\/DSD.2018.00011"},{"key":"e_1_2_1_29_1","volume-title":"Proceedings of the Conference on Design, Automation & Test in Europe. DOI:https:\/\/doi.org\/10","author":"Rosvall Kathrin","year":"2014","unstructured":"Kathrin Rosvall and Ingo Sander . 2014 . A constraint-based design space exploration framework for real-time applications on MPSoCs . In Proceedings of the Conference on Design, Automation & Test in Europe. DOI:https:\/\/doi.org\/10 .7873\/DATE.2014.339 Kathrin Rosvall and Ingo Sander. 2014. A constraint-based design space exploration framework for real-time applications on MPSoCs. In Proceedings of the Conference on Design, Automation & Test in Europe. DOI:https:\/\/doi.org\/10.7873\/DATE.2014.339"},{"key":"e_1_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.1145\/2744769.2747912"},{"key":"e_1_2_1_31_1","doi-asserted-by":"crossref","unstructured":"Vivek Shandilya Chris B. Simmons and Sajjan Shiva. 2014. Use of attack graphs in security systems. J. Comput. Netw. Commun. (2014). DOI:https:\/\/doi.org\/10.1155\/2014\/818957 Vivek Shandilya Chris B. Simmons and Sajjan Shiva. 2014. Use of attack graphs in security systems. J. Comput. Netw. Commun. (2014). DOI:https:\/\/doi.org\/10.1155\/2014\/818957","DOI":"10.1155\/2014\/818957"},{"key":"e_1_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1109\/ISSREW.2014.29"},{"key":"e_1_2_1_33_1","doi-asserted-by":"publisher","DOI":"10.1109\/TIFS.2018.2821095"},{"key":"e_1_2_1_34_1","volume-title":"Proceedings of the Software Engineering (Workshops). 57\u201366","author":"Voss Sebastian","year":"2014","unstructured":"Sebastian Voss , Johannes Eder , and Florian H\u00f6lzl . 2014 . Design space exploration and its visualization in AUTOFOCUS3 . In Proceedings of the Software Engineering (Workshops). 57\u201366 . Sebastian Voss, Johannes Eder, and Florian H\u00f6lzl. 2014. Design space exploration and its visualization in AUTOFOCUS3. In Proceedings of the Software Engineering (Workshops). 57\u201366."},{"key":"e_1_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1109\/JAS.2015.7296537"},{"key":"e_1_2_1_36_1","volume-title":"DOI:https:\/\/doi.org\/10.1109\/TII.2018.2851939","author":"Xie Yong","year":"2018","unstructured":"Yong Xie , Gang Zeng , Ryo Kurachi , Hiroaki Takada , and Guoqi Xie . 2018. Security\/timing-aware design space exploration of CAN FD for automotive cyber-physical systems. IEEE Trans . Industr. Inf. ( 2018 ). DOI:https:\/\/doi.org\/10.1109\/TII.2018.2851939 Yong Xie, Gang Zeng, Ryo Kurachi, Hiroaki Takada, and Guoqi Xie. 2018. Security\/timing-aware design space exploration of CAN FD for automotive cyber-physical systems. IEEE Trans. Industr. Inf. (2018). DOI:https:\/\/doi.org\/10.1109\/TII.2018.2851939"},{"key":"e_1_2_1_37_1","article-title":"Cross-layer codesign for secure cyber-physical systems","volume":"35","author":"Zheng Bowen","year":"2016","unstructured":"Bowen Zheng , Peng Deng , Rajasekhar Anguluri , Qi Zhu , and Fabio Pasqualetti . 2016 . Cross-layer codesign for secure cyber-physical systems . IEEE Trans. Comput.-Aid. Des. Integr. Circ. Syst. 35 , 5 (2016). DOI:https:\/\/doi.org\/10.1109\/TCAD.2016.2523937 Bowen Zheng, Peng Deng, Rajasekhar Anguluri, Qi Zhu, and Fabio Pasqualetti. 2016. Cross-layer codesign for secure cyber-physical systems. IEEE Trans. Comput.-Aid. Des. Integr. Circ. Syst. 35, 5 (2016). DOI:https:\/\/doi.org\/10.1109\/TCAD.2016.2523937","journal-title":"IEEE Trans. Comput.-Aid. Des. Integr. Circ. Syst."}],"container-title":["ACM Transactions on Embedded Computing Systems"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3430372","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3430372","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:38:56Z","timestamp":1750199936000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3430372"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,5,29]]},"references-count":36,"journal-issue":{"issue":"4","published-print":{"date-parts":[[2021,7,31]]}},"alternative-id":["10.1145\/3430372"],"URL":"https:\/\/doi.org\/10.1145\/3430372","relation":{},"ISSN":["1539-9087","1558-3465"],"issn-type":[{"value":"1539-9087","type":"print"},{"value":"1558-3465","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,5,29]]},"assertion":[{"value":"2020-01-01","order":0,"name":"received","label":"Received","group":{"name":"publication_history","label":"Publication History"}},{"value":"2020-10-01","order":1,"name":"accepted","label":"Accepted","group":{"name":"publication_history","label":"Publication History"}},{"value":"2021-05-29","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}