A Precision Cybersecurity Workflow for Cyber-physical Systems: The IoT Healthcare Use Case

The IoT paradigm revolves around a tight interaction between the IT side (i.e., the thing and the software therein) and the human counterpart. From a security standpoint, both these aspects should be taken into consideration when building up reliable and effective security solutions. We argue that traditional static approaches to securing IoT fail to deal with such a complexity, as they do not take into account the dynamic nature of human beings that keep evolving while interacting with IoT device. To overcome this limitation, in this paper we put forward the idea of precision cybersecurity that complements the traditional security model by allowing for the definition of mechanisms and security policies which can be dynamically tailored around individuals. To this aim, we provide the first modeling of a precision cybersecurity workflow (PCW), and we implement it in a tool. Then, we apply it to a both security and safety critical IoT deployment, namely an IoT Medical-Healthcare real scenario, to prove the viability of the proposal.