Commit da46537c authored by Moritz Finke's avatar Moritz Finke

Initial commit

![Logos](logos.png)
# Security Testing of IoT Devices by Certification Authorities
This repository holds all code and data associated with the bachelor thesis `Security Testing of IoT Devices by Certification Authorities` by Moritz Finke.
The repository is split into three major segments.
```text
.
├── plots
├── sss
└── testlink
```
1. plots: the [plots](plots/) folder holds the code that was used for rendering the plots present in the bachelor thesis
2. sss: the [sss](sss/) folder holds the software implementation (program and library) of the Security Scoring System
3. testlink: the [testlink](testlink/) folder holds both the TestLink data of the Testing Guide Model and the files (risk registers and test reports) produced during evaluation.
logos.png

82.3 KB

# Plots
This folder holds the code for rendering the plots used in the bachelor thesis.
First, head to [sss](../sss/) and install the `sss` module before rendering
plots. Therafter, run `./render.sh` to render all plots.
#!/bin/python
from sss import sss
from devices import data_points
s_s = sss.SSS()
for data_point in data_points:
data_point['wrr'].co_max = 10.0
print('Device: ', data_point['desc'])
print('DRS:', data_point['wrr'].risk_score())
print('RSSC:', data_point['wrr'].rssc())
print('RSVK:', data_point['wrr'].rsvk())
# print('Allowed RSVK: ', s_s.allowed_rsvk(2.5,
# s_s.base_risk(data_point['wrr'])))
print('Sum VK:', sum(data_point['wrr'].vk))
print('DBRS:', round(s_s.base_risk(data_point['wrr']),2))
print('SS:', round(s_s.score(data_point['wrr']),2))
print()
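Review bot: The assignment `data_point['wrr'].co_max = 10.0` at the top of the loop overwrites a field on WRR objects that belong to the imported `devices` module, and nothing says what `co_max` bounds or why 10.0 is the right value. It presumably feeds the scores printed below, so a one-line comment would help, for example `# co_max: upper bound applied to C_O (assumed top of the rating scale) - confirm against sss.WRR`. The two commented-out `allowed_rsvk` lines should either be removed or carry a reason for staying. The shebang `#!/bin/python` only resolves where a `python` binary exists in /bin; `#!/usr/bin/env python3` is the portable form.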
wifi = 9.5
#zigbee_vendor_independent = 8.5
#zigbee = 7.5
#app = 7.0
#proprietary_wireless_communication = 6.1
cellular = 6.0
camera = 5.8
mic = 5.6
gps = 5.4
bluetooth = 4.7
ethernet = 4.3
#usb = 4.0
gas_detector = 3.3
smoke_detector = 3.3
motion_detector = 3.1
thermometer = 3.0
ecg = 2.4
infrared_sensor = 2.4
proximity_sensor = 2.3
lighting = 1.1
#loudspeaker = 1.0
zigbee_vendor_independent = 0
zigbee = 0
app = 0
proprietary_wireless_communication = 0
loudspeaker = 0
usb = 0
from sss.sss import WRR
from sss.sss import SSS
data_points = []
#-----------------------------------------------
#Philips Hue Bridge v2 Lighting
S_C = [
wifi,
zigbee_vendor_independent,
ethernet,
app,
]
C_O = [
7.5 # IT Department, Night
]
V_K = [
7.4, # Factory Reset
# 7.9, #CVE-2020-6007 - CVSS v3.1
7.6 #CVSS v3.1 Base: 7.6 (AV:P/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H)
#https://colinoflynn.com/2016/07/getting-root-on-philips-hue-bridge-2-0/
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'Philips Hue Bridge v2'
}]
#-----------------------------------------------
#Philips In.Sight B120/37 Baby Surveillance
S_C = [
wifi,
camera,
mic,
motion_detector,
thermometer,
loudspeaker,
usb,
app,
]
C_O = [
4.9 #Internal, Night
]
V_K = [
7.5, #CVE-2015-2884 - CVSS v3.x Base
5.4, #CVE-2015-2883 - CVSS v3.x Base
9.8 #CVE-2015-2882 - CVSS v3.x Base
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'Philips In.Sight B120/37'
}]
#-----------------------------------------------
#Siemens Gigaset se361
S_C = [
wifi,
ethernet,
]
C_O = [
7.5 #IT-Department, Night
]
V_K = [
7.8, #CVE-2009-3322 - CVSS v2.0 Base
4.3, #CVE-2007-4488 - CVSS v2.0 Base
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'Siemens Gigaset se361'
}]
#-----------------------------------------------
#Bosch Smart Home Controller SHC
S_C = [
wifi,
usb,
ethernet,
]
C_O = [
7.5 #IT-Department, Night
]
V_K = [
7.1, #CVE-2019-11896 - CVSS v3.0 Base
5.3, #CVE-2019-11895 - CVSS v3.0 Base
5.7, #CVE-2019-11894 - CVSS v3.0 Base
4.9, #CVE-2019-11893 - CVSS v3.0 Base
6.8, #CVE-2019-11892 - CVSS v3.0 Base
5.4, #CVE-2019-11891 - CVSS v3.0 Base
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'Bosch Smart Home Controller SHC'
}]
#-----------------------------------------------
#Osram Lightify Home
S_C = [
wifi,
zigbee_vendor_independent,
app,
]
C_O = [
7.5 #IT-Department, Night
]
V_K = [
7.4, # IoT-6
7.4, # IoT-15
# 5.0, #CVE-2016-5054 - CVSS v3.x Base
#7.5, #CVE-2016-5053 - CVSS v3.x Base
# 5.0, #CVE-2016-5052 - CVSS v3.x Base
# 5.0 #CVE-2015-5051 - CVSS v3.x Base
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'Osram Lightify Home'
}]
#-----------------------------------------------
#Microsoft Wireless Keyboard 850
S_C = [
proprietary_wireless_communication,
usb,
]
C_O = [
7.4 #IT-Department, Morning
]
V_K = [
6.8 #CVE-2018-8117 - CVSS v3.x Base
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'Microsoft Wireless Keyboard 850'
}]
#-----------------------------------------------
#Bosch NBN-498 Dinion2X
S_C = [
camera,
mic,
ethernet,
motion_detector,
]
C_O = [
8.2 #Server-Room, Night
]
V_K = [
9.8 #CVE-2015-6970 - CVSS 3.1 Base
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'Bosch NBN-498 Dinion2X'
}]
#-----------------------------------------------
#TP-Link TL-SC 3130 IP Camera
S_C = [
wifi,
camera,
mic,
ethernet,
motion_detector,
]
C_O = [
8.2 #Server Room, Night
]
V_K = [
9.8, #CVE-2013-2573 - CVSS v3.1 Base
7.5, #CVE-2013-2572 - CVSS v3.x Base
7.5, #CVE-2018-18428 - CVSS v3.x Base
7.8, #CVE-2013-2581 - CVSS v2.0 Base
7.1, #CVE-2013-2580 - CVSS v2.0 Base
10.0, #CVE-2013-2579 - CVSS v2.0 Base
10.0, #CVE-2013-2578 - CVSS v2.0 Base
7.1 #CVE-2013-3688 - CVSS v2.0 Base
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'TP-Link TL-SC 3130'
}]
#-----------------------------------------------
#Logitech K360 Keyboard
S_C = [
proprietary_wireless_communication,
usb,
]
C_O = [
7.4 #IT-Department, Morning
]
V_K = [
6.5 #CVE-2019-13055 - CVSS v3.x Base
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'Logitech K360'
}]
#-----------------------------------------------
#Miele XGW 3000 (NVD) Gateway
S_C = [
zigbee_vendor_independent,
usb,
ethernet,
app,
]
C_O = [
7.5 #IT-Department, Night
]
V_K = [
9.8, #CVE-2019-20481 - CVSS v3.x Base
8.8, #CVE-2019-20480 - CVSS v3.x Base
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'Miele XGW 3000 (NVD)'
}]
#-----------------------------------------------
#Miele XGW 3000 (MITRE) Gateway
S_C = [
zigbee_vendor_independent,
usb,
ethernet,
app,
]
C_O = [
7.5 #IT-Department, Night
]
V_K = [
4.6, #CVE-2019-20481 - CVSS v3.x Base
4.6, #CVE-2019-20480 - CVSS v3.x Base
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'Miele XGW 3000 (MITRE)'
}]
#-----------------------------------------------
#Samsung XPress M288OFW Printer
S_C = [
wifi,
usb,
ethernet,
]
C_O = [
7.5 #IT-Department, Night
]
V_K = [
9.8, #CVE-2015-5729 - CVSS v3.x Base
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'Samsung M2880FW'
}]
#-----------------------------------------------
#Honeywell hswb2g1 IP Camera
S_C = [
camera,
motion_detector,
ethernet,
]
C_O = [
8.2 #IT-Department, Night
]
V_K = [
9.8, #CVE-2019-18226 - CVSS v3.1 Base
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'Honeywell hswb2g1'
}]
#-----------------------------------------------
#Honeywell Midas Gas Detector
S_C = [
gas_detector,
ethernet,
]
C_O = [
8.1 #IT-Department, Night
]
V_K = [
9.3, # CVE-2015-7908 - CVSS v2.0 Base
]
wrr = WRR(V_K,S_C,C_O)
data_points += [{
'wrr': wrr,
'desc': 'Honeywell Midas'
}]
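Review bot: The `V_K` lists put CVSS v2.0 and v3.x base scores side by side: going by the comments, the TP-Link TL-SC 3130 list mixes both, and the Siemens Gigaset and Honeywell Midas lists are v2.0 only. The two versions use different metrics, so equal numbers do not mean equal severity. If `WRR` aggregates `V_K` (not visible here, though the `Sum VK` output elsewhere in this commit suggests it), the device scores are not directly comparable, and a comment such as `# NOTE: CVSS v2.0 and v3.x base scores are used side by side and are not rescaled` would make that limitation explicit. The block that resets `zigbee`, `app`, `usb`, `loudspeaker` and `proprietary_wireless_communication` to 0 leaves `S_C` all zero for both keyboards, which deserves a comment saying whether that is intended. The `C_O` comment on the Honeywell hswb2g1 says IT-Department for 8.2, while 8.2 is labelled Server Room on the other entries and IT-Department, Night is 7.5.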