Table 11. Loss Scenarios of ICAs.
Identified loss scenarios of the listed ICAs in Table 10.
| Insecure control action | GW: controller | GW: controller path | GW: controlled process | GW: feedback path |
|---|---|---|---|---|
| Phone_CtrlAction1 _Insec1 | Phone_CtrlAction1 _Insec1_LS1 | Phone_CtrlAction1 _Insec1_LS2 | Phone_CtrlAction1 _Insec1_LS3 | Phone_CtrlAction1 _Insec1_LS4 |
| Phone_CtrlAction1 _Insec2 | Phone_CtrlAction1 _Insec2_LS1 | Phone_CtrlAction1 _Insec2_LS2 | Phone_CtrlAction1 _Insec2_LS3 | / |
| LS Description: | ||||
| Phone_CtrlAction1_Insec1_LS1: Smartphone’s software is modified maliciously | ||||
| Phone_CtrlAction1_Insec1_LS2: The control command is blocked on the path | ||||
| Phone_CtrlAction1_Insec1_LS3: Server’s software is modified maliciously | ||||
| Phone_CtrlAction1_Insec1_LS4: Register is done correctly but returns a NOK result | ||||
| Phone_CtrlAction1_Insec2_LS1: No data protection mechanism is used at the smartphone | ||||
| Phone_CtrlAction1_Insec2_LS2: Data is eavesdropped and decrypted at the path | ||||
| Phone_CtrlAction1_Insec2_LS3: No data protection mechanism is used at the server | ||||