Abstract
IoT devices are widely used in almost all vertical domains like homes, factories or as wearables on the body. This diversity is reflected in a variety of implementations which creates challenges for security testing due to the lag of applicability of out-of-the-box security testing solutions, like existing in other areas. We're introducing a security testing suite that is capable of providing security tests. Our security test suite is part of the Eclipse IoT-Testware project. It is capable of creating fuzz test cases from conformance test suites for devices automatically, regardless of the used protocols. Eclipse IoT-Testware reads into the communication between two devices, generates a model of the used protocol and generates fuzz data using the generation library Fuzzino. This solution has found vulnerabilities in ITS devices and flaws in devices using COAP and MQTT.