Why IoT security is failing. The Need of a Test Driven Security Approach

Sandescu, Cristian; Grigorescu, Octavian; Rughiniș, Răzvan; Deaconescu, Răzvan; Calin, Mihnea Andrei

doi:10.1109/roedunet.2018.8514135

Cited by 6 publications

(4 citation statements)

References 2 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…c. Balena: The complete set of developing, designing, deploying, and managing different Industrial IoT devices. It also provides cloud support using a containers-based platform for scaling and data analytics (Săndescu et al, 2018). d. Ubidots: This platform has a sensor data capturing capability, which is communicated to different analytics tools over the Cloud (Che Soh et al, 2019).…”

Section: Non-traditional Cot Platforms Used For Industry 40mentioning

confidence: 99%

Security issues and challenges in cloud of things-based applications for industrial automation

et al. 2023

View full text Add to dashboard Cite

Due to the COVID-19 outbreak, industries have gained a thrust on contactless processing for computing technologies and industrial automation. Cloud of Things (CoT) is one of the emerging computing technologies for such applications. CoT combines the most emerging cloud computing and the Internet of Things. The development in industrial automation made them highly interdependent because the cloud computing works like a backbone in IoT technology. This supports the data storage, analytics, processing, commercial application development, deployment, and security compliances. Now amalgamation of cloud technologies with IoT is making utilities more useful, smart, service-oriented, and secure application for sustainable development of industrial processes. As the pandemic has increased access to computing utilities remotely, cyber-attacks have been increased exponentially. This paper reviews the CoT’s contribution to industrial automation and the various security features provided by different tools and applications used for the circular economy. The in-depth analysis of security threats, availability of different features corresponding the security issues in traditional and non-traditional CoT platforms used in industrial automation have been analysed. The security issues and challenges faced by IIoT and AIoT in industrial automation have also been addressed.

show abstract

Section: Non-traditional Cot Platforms Used For Industry 40mentioning

confidence: 99%

Security issues and challenges in cloud of things-based applications for industrial automation

et al. 2023

View full text Add to dashboard Cite

show abstract

“…Based on these results, vulnerabilities triggered by malformed packets had higher disclosure delays than their counterparts. However, regardless of disclosure delays, patching vulnerabilities found in brokers deployed to real-world environments is complex because of their limited hardware resources or location (Săndescu et al, 2018;Thantharate et al, 2019;Eceiza et al, 2021;Newman and Al-Nemrat, 2021;Husnain et al, 2022). As a result, it is common for brokers to use outdated versions of MQTT implementations (Araujo Rodriguez and Macêdo Batista, 2020).…”

Section: Mqtt Fixed Headermentioning

confidence: 99%

“…The MITRE Corporation (2006) lists fuzz testing as one of the three main detection methods for resource-exhaustion problems. However, in order to guarantee that the broker is robust and reliable enough against performance bottlenecks or issues in smart cities, a fuzzer should perform CPU-and memory-intensive tests (Săndescu et al, 2018). Despite the wide range of broker fuzzers available, there is a lack of information in the literature regarding their capabilities to perform resource-exhaustion attacks during the test run.…”

Section: Stress Test Evaluation Of Fuzzing Techniques For Mqtt Brokersmentioning

confidence: 99%

“…The root cause of these problems stems from the heavy emphasis placed on functionality rather than security in IoT (Săndescu et al, 2018), meaning that pub/sub protocols tend to be insecure by design and unreliable in large-scale areas such as Smart Cities. In fact, insecure design and injection are two of the most common causes of vulnerabilities globally (OWASP, 2021).…”

Section: Introductionmentioning

confidence: 99%

See 1 more Smart Citation

Mechanisms to improve fuzz testing for message brokers

Rodriguez

View full text Add to dashboard Cite

Martins for their unconditional support and trust in me. Thank you to Inês Laccort for the friendship, encouragement, and support during the difficult times of my graduate studies. Thank you to Elenir Voi Xavier, my portuguese teacher and friend, for always believing in me. Thank you to Denise Dalcol for the friendship we have maintained after earning our Master's degrees.Thank you to CAPES and CNPq (grant 381249/2022-0) for the financial support, which was crucial for the completion of this thesis.Finally, thank you to everyone who has supported me on this incredible journey. I am truly honored and blessed to have known every single one of you, and to have represented my home country Honduras for the last couple of years.

show abstract