You can find out more about Abasi-Amefon Obot Affia’s PhD thesis here.
In the dynamic world of the Internet of Things (IoT), ensuring robust security is paramount. As IoT systems become increasingly integrated into various sectors, the complexity of managing security risks escalates. Recognising this challenge, the IoT Architecture-based Security Risk Management (IoTA-SRM) framework has been introduced, aiming to revolutionise how we approach IoT security. The IoT Architecture-based Security Risk Management (IoTA-SRM) framework is a comprehensive framework designed to thoroughly understand the IoT system components and their interactions through its architecture. At its core, the framework is designed to offer a detailed knowledge of IoT systems, which are critical inputs for effective security risk management (SRM). The IoTA-SRM framework is more than just a theoretical model; it provides practical framework activities for navigating the complex world of IoT SRM, assisting practitioners in identifying and mitigating security risks effectively. These activities include – Model system, Discover risks, Handle risks, and Analyse Trade-offs, each having its own practical tasks and expected outcomes.
However, the creation of such a framework is only the first step. The real challenge lies in bridging theoretical knowledge with practical skills, a gap that this thesis tackles through an innovative educational approach. This is where hackathons become a game-changer. Hackathons are time-bounded participant-driven events where people with different backgrounds and expertise collaborate on a shared team project to create an artefact [1]. So, this thesis proposes a hackathon teaching model specifically designed to teach the IoTA-SRM framework and facilitate its rapid and practical implementation.
The hackathon teaching model was developed by employing hackathon interventions to create a learning environment to encourage security learning and adapting the hackathon format to include multiple hackathon events, evaluated through a series of action research cycles. These interventions are designed to be adaptable and can be tailored to suit different educational and professional contexts. This adaptability ensures that the hackathon model remains relevant and effective across various settings, making it a versatile tool for teaching how to apply IoT security risk management. The action research evaluations demonstrated the hackathon teaching model’s impact and potential adaptability in various educational and professional environments. The results from these assessments provided strong evidence of the model’s success in enhancing the understanding and application of the IoTA-SRM framework.
In summary, this thesis makes a significant contribution to the field of IoT security by addressing both theoretical and practical aspects of IoT security risk management. It presents a detailed framework for understanding and managing IoT security risks and a practical methodology to encourage its implementation. The hackathon teaching model, with its tailored interventions and validated effectiveness, stands out as a key strategy for educators and practitioners. The hackathon teaching model is particularly beneficial for organisers looking to educate on IoT SRM and for practitioners aiming to apply the complex framework in real scenarios.
This comprehensive approach not only bridges the gap between theory and practice in IoT security risk management but also equips future professionals with the necessary skills to navigate this rapidly evolving field.
[1] Falk, J., Nolte, A., Huppenkothen, D., Weinzierl, M., Gama, K., Spikol, D., … & Hayden, L. B. (2022). The future of hackathon research and practice. arXiv preprint arXiv:2211.08963.