Saved in:
Bibliographic Details
Main Authors: Schöttle, Pascal, Janetschek, Matthias, Merkle, Florian, Nocker, Martin, Egger, Christoph
Format: Preprint
Published: 2025
Subjects:
Online Access:https://arxiv.org/abs/2504.06712
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866913787184939008
author Schöttle, Pascal
Janetschek, Matthias
Merkle, Florian
Nocker, Martin
Egger, Christoph
author_facet Schöttle, Pascal
Janetschek, Matthias
Merkle, Florian
Nocker, Martin
Egger, Christoph
contents The Internet of Things (IoT) has rapidly expanded across various sectors, with consumer IoT devices - such as smart thermostats and security cameras - experiencing growth. Although these devices improve efficiency and promise additional comfort, they also introduce new security challenges. Common and easy-to-explore vulnerabilities make IoT devices prime targets for malicious actors. Upcoming mandatory security certifications offer a promising way to mitigate these risks by enforcing best practices and providing transparency. Regulatory bodies are developing IoT security frameworks, but a universal standard for large-scale systematic security assessment is lacking. Existing manual testing approaches are expensive, limiting their efficacy in the diverse and rapidly evolving IoT domain. This paper reviews current IoT security challenges and assessment efforts, identifies gaps, and proposes a roadmap for scalable, automated security assessment, leveraging a model-based testing approach and machine learning techniques to strengthen consumer IoT security.
format Preprint
id arxiv_https___arxiv_org_abs_2504_06712
institution arXiv
publishDate 2025
record_format arxiv
spellingShingle Large-Scale (Semi-)Automated Security Assessment of Consumer IoT Devices -- A Roadmap
Schöttle, Pascal
Janetschek, Matthias
Merkle, Florian
Nocker, Martin
Egger, Christoph
Cryptography and Security
The Internet of Things (IoT) has rapidly expanded across various sectors, with consumer IoT devices - such as smart thermostats and security cameras - experiencing growth. Although these devices improve efficiency and promise additional comfort, they also introduce new security challenges. Common and easy-to-explore vulnerabilities make IoT devices prime targets for malicious actors. Upcoming mandatory security certifications offer a promising way to mitigate these risks by enforcing best practices and providing transparency. Regulatory bodies are developing IoT security frameworks, but a universal standard for large-scale systematic security assessment is lacking. Existing manual testing approaches are expensive, limiting their efficacy in the diverse and rapidly evolving IoT domain. This paper reviews current IoT security challenges and assessment efforts, identifies gaps, and proposes a roadmap for scalable, automated security assessment, leveraging a model-based testing approach and machine learning techniques to strengthen consumer IoT security.
title Large-Scale (Semi-)Automated Security Assessment of Consumer IoT Devices -- A Roadmap
topic Cryptography and Security
url https://arxiv.org/abs/2504.06712