Since its invention, the Internet has changed the world, but above all, it has connected people. With the advent of the Internet of Things, the Internet connects things today much more than people do. A large part of the Internet of Things consists of IoT controlled Smart Home devices. The Internet of Things and the Smart Home have become an increasingly important topic in recent years. The growing popularity of Smart Home devices such as Smart TVs, Smart Door Locks, Smart Light Bulbs, and others is causing a rapid increase in vulnerable areas. In the future, many IoT devices could be just as many targets. The many new and inexperienced manufacturers and the absence of established uniform standards also contribute to the precarious situation. Therefore, new methods are needed to sensitize and detect these threats. In this paper, different existing approaches like those of the National Institute of Standards and Technology (NIST) and the Open Web Application Security Project (OWASP) are combined with concepts of this work like the Smart Home Device Life Cycle. In the context of this paper, a universal 31-page question-based test procedure is developed that can be applied to any Smart Home device. Based on this new, innovative security checklist, the communication between device, app, and the manufacturer's servers, as well as the firmware of IoT devices, can be analyzed and documented in detail. In the course of this paper, also a handout in the abbreviated form will be created, which serves the same purpose.
Read full abstract