Over the past year and a half, the IoThreats project has dealt intensively with the future challenges, technologies and requirements of smart homes. In the course of the project, the state of the art in the security-relevant context of new types of smart home technologies was determined in order to analyse potential attack and threat scenarios. The results are now available and are presented here.
The smart home brings technical solutions into houses and apartments that enable lighting, heating and other electronic devices to be controlled via a smartphone or computer. These home automation technologies offer a multitude of advantages, from increased flexibility and maximum security at home to higher energy efficiency. However, if smart homes are not adequately protected, hackers can take control of these connected devices and spy on private data.
The KIRAS project IoThreats “Future challenges, technologies & requirements of smart homes in a security-relevant context” has devoted itself to security problems in the smart home area over the course of its 18 – month term and can now look back on a number of results. In the course of the project, current technology concepts, standards and areas of application in the field of Smart Home / Smart Environments were initially recorded. Numerous national and international stakeholders, consisting of central experts in the field of law and technology, as well as representatives of the consumer were identified and questioned in order to guarantee the most extensive possible consideration of the national market in the subject area.
A key result of the project is the analysis of smart home hardware and software, which enables the creation of a new type of system for categorizing solutions according to subject areas. IoThreats explicitly describes and analyses the subject areas of sensors, detectors and alarms; Home control, networked home appliances, network security, smart toys and wearables. The subject areas have also been expanded to include further sub-categories in order to facilitate the classification and assessment of smart home solutions and concepts and thus enable a flexible tool for later, in-depth analyses. In addition, further key results were:
- The identification of nationally relevant actors in the subject area, which lays a valuable foundation for networking with other potential users. The network of experts, decision-makers and other stakeholders in the subject area also ensures that the project results are used beyond the project period.
- The identification and description of new types of IoT deployment scenarios in the police context as a central result that offers a better idea of possibilities, opportunities and challenges through innovative technologies. The 20 application scenarios obtained are grouped with subject areas, requirements, police application areas and communicating actors and prepared for presentation.
- The legal evaluation of selected cases was based on 19 criminally relevant, selected cases. By means of case clustering, the selection was particularly aimed at covering the broadest possible selection of attack vectors and as many technology groups as possible. The respective facts and applicable criminal offenses were presented in detail.
- A detailed recording of technical solutions in various Smart Environment areas, which presents the collected hardware and software solutions in a structured manner and subjects them to a risk assessment. In addition, statements were made about the protection requirements of the components and potentially relevant security information was identified in the police context.
In order to ensure optimal achievement of goals in the course of the project, a well-founded methodology was also established that incorporates social science survey and analysis methods as well as conceptual and technical know-how in the ICT area. For this purpose, a topic field analysis and consumer survey were carried out in order to capture the complex topics of cybersecurity, Internet of Things, smart home and smart environment in a structured manner. For this purpose, the smart home landscape was divided into the six subject areas of energy management, security technology, lifestyle, wearables, smart toys and smart appliances.
During the entire duration of the project, intensive work was carried out on the effective communication of the results of the IoThreats project. A project identity and visualization of results enabled the efficient transfer of knowledge to internal and external users, as well as research teams in the subject area. Conferences, presentations, publications and the publication of digital and printed material were used for this purpose. The joint performance of research partners and users made it possible to achieve a comprehensive and usable project result for all project partners, the use of which is ensured throughout the project period. Ensuring the sustainable use of the results by national and international users was also ensured through the preparation of topic-specific training documents.
Thanks to the excellent cooperation of all partners (SYNYO, JOANNEUM RESEARCH & Austrian Center for Law Enforcement Sciences) and the use of suitable measures for efficient project and risk management, the project was completed within the planned duration of 18 months to the complete satisfaction of all partners.
Smart home, Hacking, Internet of Things