ProCheckUp can help you secure your IoT devices with our IoT testing and certification solutions.
We have a state-of-the-art IoT laboratory which enables us to address the increasing risks posed by technology developments in the area of connected devices. We also offer assurance for IoT functionality.
ProCheckUp uses the following IoT testing methodology:
Mapping the attack surface
This step establishes an understanding of the solution's architecture and the tests to be run on the product, sorted by priority.
The architecture can broadly be divided into three categories:
1) Embedded device
These devices include hubs, smart lightbulbs, motion sensors, smart switches and additional connected devices.
2) Firmware, software and applications
After hardware testing, the next component to be tested is software.
This includes firmware running on the device, mobile applications which are used to manage the device and the cloud components connected to the device.
3) Radio communications
Radio communications provide a way for some devices to communicate with each other. Some of the radio communications used are Cellular, Wi-Fi, Bluetooth low energy, Zigbee, Z-Wave and more.
Embedded device – hardware analysis
This stage allows us to understand the device's hardware from a security perspective by using both internal and external analysis. This consists of two stages:
External Analysis
Cellular, Wi-Fi, Bluetooth low energy, Zigbee, Z-Wave and more
Internal Analysis
Internal interfaces, USB, Serial, JTAG, SPI
Embedded device – Gaining shell access
At this stage we would attempt to gain shell access to the device, using the following techniques:
Ethernet Exploitation
Protocol implementation weakness.
Wireless Exploitation
HackRF, KillerBee, Ubertooth
USB Exploitation
PoisonTap, BashBunny and Facedancer21
UART Exploitation
Identifying the connections, identifying the baud rate, interacting with the device to gain a shell
I2C/SPI Exploitation
Identifying the connections, reading and writing to the EEPROM
JTAG Exploitation
Identifying the connections, reading and writing to the EEPROM. Reading memory contents. Analysing binaries.
Embedded device – Firmware Analysis
From a security perspective, firmware is the most critical component of an embedded device. Firmware resides on the non-volatile section of the device, allowing and enabling the device to perform different tasks required for the functioning of the device.
Obtaining the firmware
Downloading from the Internet
Extracting from the device
Sniffing during an update
Reversing applications
Extracting firmware
Manual method
Automated method - binwalk
Looking for hardcoded secrets
firmwalker
credentials, backdoor, sensitive URLs, access tokens, local pathnames
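The hardcoded-secret search listed above, as an added example (not ProCheckUp's tooling and not firmwalker's rule set): it walks an already-extracted root filesystem, for instance one unpacked with binwalk, and reports matches per category. The patterns, the `scan_rootfs` name and the read cap are assumptions made for illustration.

```python
import os
import re
import sys

# Illustrative patterns (assumptions, not firmwalker's rules), one or more per
# category named above. Tune them for the firmware under review.
PATTERNS = {
    "credential": re.compile(rb"(?i)(?:passw(?:or)?d|pwd)\s*[=:]\s*['\"]?([^\s'\"]{4,})"),
    "shadow_hash": re.compile(rb"^[a-z_][\w.-]*:\$(?:1|5|6|2[aby]|y)\$[^:\s]+:", re.M),
    "private_key": re.compile(rb"-----BEGIN (?:RSA |EC |DSA |OPENSSH )?PRIVATE KEY-----"),
    "access_token": re.compile(rb"(?i)(?:api[_-]?key|token|secret)\s*[=:]\s*['\"]?([A-Za-z0-9_\-]{16,})"),
    "url": re.compile(rb"\b(?:https?|ftp|mqtts?)://[^\s'\"<>]{4,}"),
    "local_path": re.compile(rb"(?:/home/|/Users/|[A-Za-z]:\\Users\\)[\w.-]+"),
}
MAX_BYTES = 8 * 1024 * 1024  # read at most this much of each file


def scan_rootfs(root):
    """Return sorted (relative_path, line, category, snippet) tuples."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):  # does not descend into symlinked dirs
        for name in files:
            path = os.path.join(dirpath, name)
            # Extracted images often contain absolute symlinks (e.g. to /etc/passwd)
            # that would resolve to the analyst's own host, so skip every symlink.
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            try:
                with open(path, "rb") as fh:
                    data = fh.read(MAX_BYTES)
            except OSError:
                continue
            rel = os.path.relpath(path, root)
            for category, rx in PATTERNS.items():
                for m in rx.finditer(data):
                    line = data.count(b"\n", 0, m.start()) + 1
                    snippet = m.group(0)[:80].decode("latin-1")
                    findings.append((rel, line, category, snippet))
    return sorted(findings)


if __name__ == "__main__" and len(sys.argv) == 2:
    for rel, line, category, snippet in scan_rootfs(sys.argv[1]):
        print(f"{category:13} {rel}:{line}  {snippet}")
```

Files are scanned as raw bytes, so strings embedded in binaries (such as build paths left by the compiler) are reported alongside configuration files.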
Embedded device – Backdooring the firmware
Backdooring the firmware is one of the main security issues which IoT devices face.
Perform integrity checks and signature validation.
Firmware, software and applications - Auditing the file system and programs in use
At this stage, the operating system is audited to ensure that industry hardening best practices are followed.
User Interface audit - Web/iOS/Android/API/thick client
Mobile application tests
Firmware release diffing
Key management audit
Data store audit
Cloud and supporting network audit
Firmware, software and applications - Analysing binaries
Disassembly and emulation of firmware binaries, running the binaries so we can analyse/exploit them.
Firmware, software and applications - Exploiting binaries
Looking for security vulnerabilities within the binaries, setting breakpoints, and creating exploits.
Please contact us for more information on how ProCheckUp IoT Testing Services can help you.