Industrial Practices in Security Vulnerability Management for IoT Systems – an Interview Study

Martin Höst, Jonathan Sönnerup, Martin Hell, Thomas Olsson

Research output: Chapter in Book/Report/Conference proceedingPaper in conference proceedingResearchpeer-review

Abstract

The area of Internet of Things (IoT) is growing and it affects a large amount of users, which means that security is important. Many parts of IoT systems are built with Open Source Software, for which security vulnerabilities are available. It is important to update the software when vulnerabilities are detected, but it is unclear to what extent this is done in industry today. This study presents an investigation of industrial companies in the area of IoT to understand current procedures and challenges with respect to security updates. The research is conducted as an interview study with qualitative data analysis. It is found that few companies have formalized processes for this type of security updates, and there is a need to support both producers and integrators of IoT components.
Original languageEnglish
Title of host publicationProceedings of the 2018 International Conference on Software Engineering Research & Practice
Pages61-67
Publication statusPublished - 2018
EventInternational Conference on Software Engineering Research and Practice (SERP*18) - Las Vegas, United States
Duration: 2018 Jul 302018 Aug 2

Conference

ConferenceInternational Conference on Software Engineering Research and Practice (SERP*18)
Country/TerritoryUnited States
CityLas Vegas
Period2018/07/302018/08/02

Subject classification (UKÄ)

  • Software Engineering

Fingerprint

Dive into the research topics of 'Industrial Practices in Security Vulnerability Management for IoT Systems – an Interview Study'. Together they form a unique fingerprint.

Cite this