
Extending MUD profiles through an Automated IoT Security Testing Methodology

Defining the intended behavior of IoT devices is considered a key aspect of detecting and mitigating potential security attacks. In this direction, the Manufacturer Usage Description (MUD) has recently been standardized to reduce the attack surface of a given device through the definition of access control policies. However, the semantic model is only intended to provide network-level restrictions for the communication of such a device. In order to increase the expressivity of this approach, we propose the use of an automated IoT security testing methodology, so that testing results are used to generate augmented MUD profiles, in which additional security aspects are considered. Specifically, the methodology is based on the use of Model-Based Testing (MBT) techniques to automate the generation, design and implementation of security tests. Furthermore, we describe the application of the resulting approach to the Elliptic Curve Diffie-Hellman over COSE (EDHOC) protocol, which represents a standardization effort to build a lightweight authenticated key exchange protocol for IoT constrained scenarios.
2019-11-15
IEEE-INST ELECTRICAL ELECTRONICS ENGINEERS INC
JRC117730
2169-3536 (online)
https://ieeexplore.ieee.org/document/8867876
https://publications.jrc.ec.europa.eu/repository/handle/JRC117730
10.1109/ACCESS.2019.2947157 (online)
Items published in the JRC Publications Repository are protected by copyright, with all rights reserved, unless otherwise indicated. Additional information: https://ec.europa.eu/info/legal-notice_en#copyright-notice