Saved in:
Bibliographic Details
Main Authors: Liebl, Simon, Ferguson, Ian, Aßmuth, Andreas, Coull, Natalie, Weir, George R. S.
Format: Preprint
Published: 2026
Subjects:
Online Access:https://arxiv.org/abs/2604.22307
Tags: Add Tag
No Tags, Be the first to tag this record!
_version_ 1866914504547237888
author Liebl, Simon
Ferguson, Ian
Aßmuth, Andreas
Coull, Natalie
Weir, George R. S.
author_facet Liebl, Simon
Ferguson, Ian
Aßmuth, Andreas
Coull, Natalie
Weir, George R. S.
contents A growing number of Internet of Things (IoT) devices are used across consumer, medical, and industrial domains. They interact with their environment through sensors and actuators and connect to networks such as the Internet. Because sensors may collect sensitive data and actuators can trigger physical actions, security, privacy, and safety are major challenges. Threat modelling can help identify risks, but established IT-focused methods transfer to the IoT only to a limited extent. In this paper, a new modelling technique specifically for IoT devices called Cyber-Physical Data Flow Diagram (CPDFD) is proposed that also allows modelling of hardware with the aim to support manufacturers in identifying threats and developing countermeasures. The technique was examined through an experimental study and a survey with interviews. The results suggest that numerous other attack scenarios can be found through the modelling technique, improving the identification of threats to IoT devices.
format Preprint
id arxiv_https___arxiv_org_abs_2604_22307
institution arXiv
publishDate 2026
record_format arxiv
spellingShingle Introducing the Cyber-Physical Data Flow Diagram to Improve Threat Modelling of Internet of Things Devices
Liebl, Simon
Ferguson, Ian
Aßmuth, Andreas
Coull, Natalie
Weir, George R. S.
Cryptography and Security
A growing number of Internet of Things (IoT) devices are used across consumer, medical, and industrial domains. They interact with their environment through sensors and actuators and connect to networks such as the Internet. Because sensors may collect sensitive data and actuators can trigger physical actions, security, privacy, and safety are major challenges. Threat modelling can help identify risks, but established IT-focused methods transfer to the IoT only to a limited extent. In this paper, a new modelling technique specifically for IoT devices called Cyber-Physical Data Flow Diagram (CPDFD) is proposed that also allows modelling of hardware with the aim to support manufacturers in identifying threats and developing countermeasures. The technique was examined through an experimental study and a survey with interviews. The results suggest that numerous other attack scenarios can be found through the modelling technique, improving the identification of threats to IoT devices.
title Introducing the Cyber-Physical Data Flow Diagram to Improve Threat Modelling of Internet of Things Devices
topic Cryptography and Security
url https://arxiv.org/abs/2604.22307