A Formal Assisted Approach for Modeling and Testing Security Attacks in IoT Edge Devices

Abstract

With the rapid growth in the number of IoT devices being added to the network, a major concern that arises is the security of these systems. As these devices are resource constrained, safety measures are difficult to implement on the edge. We propose a novel approach for the detection of IoT device attacks based on the use of formal modelling and mutation testing. Namely, we model the behaviour of small IoT devices such as motion sensors and RFID card reader as state machines with timeouts. We also model basic IoT attacks; namely, battery draining, sleep deprivation, data falsification, replay, and man in the middle attacks, as special mutants of these specifications. We also consider tests for detecting actual physical device manipulation. Mutation testing is then used to derive tests that distinguish these attacks from the original specifications. The behaviour of these mutants is tested in real environment by running the tests on the data collected while the edge device is still running. Our experiments show that derived number of attack mutants and tests is small and thus these tests can be executed many times with limited overhead on the physical device. Consequently, our approach is not deterred by related high costs of traditional mutation testing. Furthermore, we demonstrate that the tests generated by our method, encompassing the considered IoT attacks, do not adequately cover mutants derived through conventional mutation code-based operators. This highlights the necessity of employing our method. A framework that implements our approach is presented along with some other relevant case studies.