Novel DevSecOps Model for Robust Security in an MQTT Internet of Things

Abstract

Message Queuing Telemetry Transport (MQTT) is a standard messaging protocol for the Internet of Things (IoT). Among the various communication protocols used in IoT, MQTT stands unique because of its multiple advantages such as being efficient and light weight, reliability in message delivery and scalability to millions of things. However, the fact that the data privacy of the MQTT messages can be compromised while the data is in transit poses risks to the security mechanism. Attack scenarios related to MQTT have exposed multiple risks and vulnerabilities such as thousands of MQTT brokers being accessible over the default port, data privacy, authentication, data integrity, port obscurity, and botnet over MQTT. These risks and vulnerabilities undermine security mechanism which results in compromised IoT systems. Development Security and Operations (DevSecOps) aims at integrating security at every phase of the IoT lifecycle with enhanced automation, tools, and a process for determining security vulnerabilities at every stage. This results in a rapid and cost-effective IoT system which is enabled by proactive security mechanisms, threat prediction, threat detection, and alerting mechanisms. The aim of this work is to build a DevSecOps pipeline utilizing open source MQTT servers and brokers. A comparative study was performed to identify the risk posture provided by the DevSecOps pipeline across MQTT ports offering different combinations of security mechanisms. Firstly, threat modelling was conducted wherein the IoT system was analyzed at an architectural level from an attacker’s perspective and appropriate risk mitigation and defense mechanisms were accommodated into the design. The IoT system was then subjected to rigorous static and dynamic analysis followed by vulnerability scanning and third component checks. Penetration test cases and controls are automated to check threats and vulnerabilities like escalation of privileges, denial of service, spoofing, information disclosure, and repudiation. An alerting mechanism is also integrated into the system to monitor risks and vulnerabilities. Our proposed DevSecOps models achieves standard maturity in security systems with earlier threat prediction and detection.