This paper proposes a threat model for a specific class of components of IoT infrastructures: smart home gateways extensible through plug-ins. The purpose of the proposed model is twofold. From one side, it helps to understand some possible issues that could be generated from a malicious or defective implementation of a plug-in and affect the gateway itself or other smart home devices. Consequently, the model could help programmers of gateway applications, plug-ins, and devices think about possible countermeasures and develop more resilient solutions. On the other side, the model could be regarded as a set of guidelines. Indeed, plug-in developers should not create plug-ins acting like the threats reported in the paper. To provide a first validation of the model, the paper presents a use case based on Home Assistant, an open-source smart home gateway application.

A Threat Model for Extensible Smart Home Gateways / Corno, Fulvio; Mannella, Luca. - ELETTRONICO. - (2022), pp. 1-6. (Intervento presentato al convegno 7th International Conference on Smart and Sustainable Technologies – SpliTech 2022 tenutosi a Split / Bol, Croatia nel July 5-8, 2022) [10.23919/SpliTech55088.2022.9854235].

A Threat Model for Extensible Smart Home Gateways

Corno, Fulvio;Mannella, Luca
2022

Abstract

This paper proposes a threat model for a specific class of components of IoT infrastructures: smart home gateways extensible through plug-ins. The purpose of the proposed model is twofold. From one side, it helps to understand some possible issues that could be generated from a malicious or defective implementation of a plug-in and affect the gateway itself or other smart home devices. Consequently, the model could help programmers of gateway applications, plug-ins, and devices think about possible countermeasures and develop more resilient solutions. On the other side, the model could be regarded as a set of guidelines. Indeed, plug-in developers should not create plug-ins acting like the threats reported in the paper. To provide a first validation of the model, the paper presents a use case based on Home Assistant, an open-source smart home gateway application.
2022
978-1-6654-8828-0
File in questo prodotto:
File Dimensione Formato  
[2022-05-13] SpliTech-TM_SH_Gateway-Camera_Ready.pdf

accesso aperto

Descrizione: Camera-ready Version
Tipologia: 2. Post-print / Author's Accepted Manuscript
Licenza: Pubblico - Tutti i diritti riservati
Dimensione 138.72 kB
Formato Adobe PDF
138.72 kB Adobe PDF Visualizza/Apri
[2022-08-19] A_Threat_Model_for_Extensible_Smart_Home_Gateways.pdf

accesso riservato

Descrizione: Published Version
Tipologia: 2a Post-print versione editoriale / Version of Record
Licenza: Non Pubblico - Accesso privato/ristretto
Dimensione 154.58 kB
Formato Adobe PDF
154.58 kB Adobe PDF   Visualizza/Apri   Richiedi una copia
Pubblicazioni consigliate

I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.

Utilizza questo identificativo per citare o creare un link a questo documento: https://hdl.handle.net/11583/2963822