Layer-wise Component and Security Analysis of an IoT-based Remote Patient Monitoring System

Scenario

You need to do a layer-wise component and security analysis of a selected IoT application and make a report of process.

CyberHealth Ltd. is a Teesside based cybersecurity solution provider, where you are working as a cybersecurity expert. Your company provides Networking & Cybersecurity solutions for the business environment. They currently offer managed, professional, and hardware & software services.  Recently, few companies have approached CyberHealth to offer them services for their IoT solution clients. CyberHealth is interested in extending its business by providing services to its customers who offer IoT solutions.

The use of telemedicine with the support IoT has increased globally due to COVID-19.  Your company is more interested in healthcare related IoT solution providers or customers. In this context, you are assigned to analyse the security of an existing remote monitoring system (offered by an IoT solution provider) for elderly and chronic disease patients.

Task 1 (T1): Compare the three- and five-layered architecture of the IoT-based remote patient monitoring system (e.g., fall detection and reporting or any app selected from Google’s play or Apple’ Apps store and uses mobile sensors) in terms of security (e.g., cybersecurity, physical security) (20%). For the task you need to include:

*A diagram of the architecture (5%)

*Brief description of the security features supported by each layer (e.g., sensing or perception) to protect their components (e.g., sensor or sensors, routers, apps) (15%).

Task 2 (T2): What is Risk in cybersecurity? Do a risk assessment of the selected IoT application using a risk assessment framework. You can select any framework you prefer (15% mark).

Task 3 (T3): Explain with examples how you would analyse the end-to-end (E2E) security vulnerabilities or concerns (using the 3-layer architecture in task 1 and its layer-wise components) of the selected solution (40% mark). For this task,

*be precise about tools and methods,

*justify all your decisions, and

*Discussion needs to be linked with the selected application.

Task 4 (T4): Discuss countermeasures or mitigation mechanisms for the identified security vulnerabilities or concerns of the sensing (in task 3) layer of the selected patient monitoring system.

Task 5 (T5): Machine Learning (ML) is an essential technology in IoT to process and make decision based on the sensed data.  However, adversaries can use a variety of attack (also known as adversarial attacks) methods to disrupt a ML model, either during the training phase or after the model has already been trained.  Discuss a list of potential adversarial attacks with examples possible in autonomous or driverless car domain of IoT. 

Task 6 (T6): Write the report clearly and professionally (i.e., using references and figures where appropriate) regarding technical issues in an IoT network and security. 

This element will assess the learning outcomes 1 and 4, which are as below:

1. Communicate clearly and professionally regarding technical issues in an IoT network and security.
2. Demonstrate critical understanding of standard security and privacy preserving mechanisms in IoT.