This paper proposes a threat model for a specific class of components of IoT infrastructures: smart home gateways extensible through plug-ins. The purpose of the proposed model is twofold. From one side, it helps to understand some possible issues that could be generated from a malicious or defective implementation of a plug-in and affect the gateway itself or other smart home devices. Consequently, the model could help programmers of gateway applications, plug-ins, and devices think about possible countermeasures and develop more resilient solutions. On the other side, the model could be regarded as a set of guidelines. Indeed, plug-in developers should not create plug-ins acting like the threats reported in the paper. To provide a first validation of the model, the paper presents a use case based on Home Assistant, an open-source smart home gateway application.
A Threat Model for Extensible Smart Home Gateways / Corno, Fulvio; Mannella, Luca. - ELETTRONICO. - (2022), pp. 1-6. (Intervento presentato al convegno 7th International Conference on Smart and Sustainable Technologies – SpliTech 2022 tenutosi a Split / Bol, Croatia nel July 5-8, 2022) [10.23919/SpliTech55088.2022.9854235].
A Threat Model for Extensible Smart Home Gateways
Corno, Fulvio;Mannella, Luca
2022
Abstract
This paper proposes a threat model for a specific class of components of IoT infrastructures: smart home gateways extensible through plug-ins. The purpose of the proposed model is twofold. From one side, it helps to understand some possible issues that could be generated from a malicious or defective implementation of a plug-in and affect the gateway itself or other smart home devices. Consequently, the model could help programmers of gateway applications, plug-ins, and devices think about possible countermeasures and develop more resilient solutions. On the other side, the model could be regarded as a set of guidelines. Indeed, plug-in developers should not create plug-ins acting like the threats reported in the paper. To provide a first validation of the model, the paper presents a use case based on Home Assistant, an open-source smart home gateway application.File | Dimensione | Formato | |
---|---|---|---|
[2022-05-13] SpliTech-TM_SH_Gateway-Camera_Ready.pdf
accesso aperto
Descrizione: Camera-ready Version
Tipologia:
2. Post-print / Author's Accepted Manuscript
Licenza:
Pubblico - Tutti i diritti riservati
Dimensione
138.72 kB
Formato
Adobe PDF
|
138.72 kB | Adobe PDF | Visualizza/Apri |
[2022-08-19] A_Threat_Model_for_Extensible_Smart_Home_Gateways.pdf
accesso riservato
Descrizione: Published Version
Tipologia:
2a Post-print versione editoriale / Version of Record
Licenza:
Non Pubblico - Accesso privato/ristretto
Dimensione
154.58 kB
Formato
Adobe PDF
|
154.58 kB | Adobe PDF | Visualizza/Apri Richiedi una copia |
Pubblicazioni consigliate
I documenti in IRIS sono protetti da copyright e tutti i diritti sono riservati, salvo diversa indicazione.
https://hdl.handle.net/11583/2963822