Publica
Hier finden Sie wissenschaftliche Publikationen aus den Fraunhofer-Instituten. Securing the IoT. Utilizing conformance tessuites for fuzzing
:
Volltext urn:nbn:de:0011-n-5720614 (466 KByte PDF) MD5 Fingerprint: 96652f6f0e6a7cdd14b77d3086520862 Erstellt am: 10.04.2020 |
| Sikora, A.:
Embedded World Conference 2019. DVD-ROM : February 26-28, 2019, Messezentrum Nürnberg, Germany
Haar: WEKA Fachmedien Verlag, 2019
5 S. |
| Embedded World Exhibition and Conference <2019, Nuremberg> |
| Bundesministerium fur Wirtschaft und Energie BMWi (Deutschland)
136387; IoT-T |
|
| Englisch |
| Konferenzbeitrag, Elektronische Publikation |
| Fraunhofer FOKUS () |
| IoT; security; fuzzing; testing conformance; negative testing; TTCN-3 |
Abstract
IoT devices are widely used in almost all vertical domains like homes, factories or as wearables on the body. This diversity is reflected in a variety of implementations which creates challenges for security testing due to the lag of applicability of out-of-the-box security testing solutions, like existing in other areas. We're introducing a security testing suite that is capable of providing security tests. Our security test suite is part of the Eclipse IoT-Testware project. It is capable of creating fuzz test cases from conformance test suites for devices automatically, regardless of the used protocols. Eclipse IoT-Testware reads into the communication between two devices, generates a model of the used protocol and generates fuzz data using the generation library Fuzzino. This solution has found vulnerabilities in ITS devices and flaws in devices using COAP and MQTT.