Security Audit Tools for IoT - Introduction

Security Audit Tools for IoT

The limitation in the existing security audit tools is the lack of their adaptation for IoT devices. IoT devices are  more generic than traditional embedded devices. They may have a very small footprint, limited resources, and they can be heterogeneous in nature. Further, the security can be incorporated in IoT hardware architecture, firmware as well as software. Hardware security is essential for secure key storage, secure multiparty computation and secure access control. Firmware security is essential to provide a secure boot up for IoT device and therefore should be audited as boot up operations of IoT device usually contain critical information. Similarly, secure software in IoT device is crucial, particularly the OS security. That is, there should be protected applications, secure file systems, and secure inter-process communication. Further,  security functionalities are usually implemented in IoT communication stack that also need to be analyzed. Hence, in  this project a novel security auditing architecture is proposed to be designed and implemented to audit the IoT devices and their networks including the security pertaining to the IoT hardware, firmware as well as Software. State of the art vulnerability detection of IoT hardware as well as firmware will be incorporated in our security auditing mechanisms.