Module duration: 2 hours
This training module covers different IoT security vulnerabilities starting from real case attacks that occured on several IoT devices. Leveraging the OWASP Internet of Things Project as reference security framework, we present each class of IoT vulnerability and a real case attack which exploited it. Finally, we suggest several security requirements that aim to mitigate the explored security issue.
The goal of this module is to explore the world of IoT devices, focusing on their vulnerabilities. It is done following the OWASP IoT Top 10, i.e., the most common vulnerabilities affecting the IoT devices, with the aim of showing what an IoT device manufacturer must consider and some ways to mitigate their effects.
This module covers the following topics:
• Introduction to the IoT ecosystems
• Security attack surface of IoT
• Exploration of the most common IoT flows, following the OWASP Top 10 vulnerabilities
• Description of real-case scenario attacks
• Presentation of OWASP framework for securing IoT devices
The target of this module are suppliers of IoT devices, as well as developers and technical figures who will directly act in the production, testing and realization of such devices. It can also be a way to broaden personal knowledge about IoT and real cases of attacks on them which exploit some common vulnerabilities.