Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
IoT Security in Practice: A Computer Security Analysis of the IKEA “TRÅDFRI” Platform
Linköping University, Department of Electrical Engineering, Information Coding.
2019 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesisAlternative title
IoT Säkerhet i Praktiken : En datorsäkerhetsanalys av IKEAs “TRÅDFRI” (Swedish)
Abstract [en]

In order to develop secure Internet of Things (IoT) devices, it is vital that security isconsidered throughout the development process. However, this is not enough as vulnerabledevices still making it to the open market. To try and solve this issue, this thesis presentsa structured methodology for performing security analysis of IoT platforms.

The presented methodology is based on a black box perspective, meaning that theanalysis starts without any prior knowledge of the system. The aim of the presentedmethodology is to obtain information in such a way as to recreate the system design fromthe implementation. In turn, the recreated system design can be used to identify potentialvulnerabilities.

Firstly the potential attack surfaces are identified, which the methodology calls inter-faces. These interfaces are the point of communication or interaction between two partsof a system. Secondly, since interfaces do not exist in isolation, the surrounding contextsin which these interfaces exist in are identified. Finally the information processed by theseinterfaces and their contexts are analyzed. Once the information processed by the iden-tified interfaces in their respective contexts are analysed, a risk assessment is performedbased on this information.

The methodology is evaluated by performing an analysis of the IKEA “TRÅDFRI”smart lighting platform. By analysing the firmware update process of the IKEA “TRÅD-FRI” platform it can be concluded that the developers have used standardized protocolsand standardized cryptographic algorithms and use these to protect devices from ma-licious firmware. The analysis does however find some vulnerabilities, even though thedevelopers have actively taken steps to protect the system.

Place, publisher, year, edition, pages
2019. , p. 32
Keywords [en]
IoT, Internet of Things, Cyber Security, Computer Security, Internet, IKEA, TRÅDFRI, ZigBee
Keywords [sv]
IoT, Sakernas Internet, Cybersäkerhet, Datorsäkerhet, Internet, IKEA, TRÅDFRI, ZigBee
National Category
Embedded Systems
Identifiers
URN: urn:nbn:se:liu:diva-161042ISRN: LiTH-ISY-EX--19/5257--SEOAI: oai:DiVA.org:liu-161042DiVA, id: diva2:1362068
External cooperation
Tina Lindrgren, Combitech AB
Subject / course
Computer Engineering
Presentation
2019-09-20, Hammingrummet, B-Huset, Linköpings Universitet 581 83 Linköping, Linköping, 14:00 (Swedish)
Supervisors
Examiners
Available from: 2019-10-18 Created: 2019-10-17 Last updated: 2019-10-18Bibliographically approved

Open Access in DiVA

fulltext(246 kB)101 downloads
File information
File name FULLTEXT01.pdfFile size 246 kBChecksum SHA-512
22f6a9155ac79c3642f8ff632355d7f749473dc7b5d59065fe57a89a3d7e9c2ded382e98e5705a516b0db11951ad31049b38bbe92f01e08a55b9d2d1e1d90f76
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Szreder, Mikael
By organisation
Information Coding
Embedded Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 101 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 115 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf