The Internet of Things opens up many vectors for security vulnerabilities
as detailed in
RFC 8576.
Vulnerabilities in all stages of a IoT device's life cycle include malware baked in
during manufacturing, or patched while operating by exploiting zero-day
vulnerabilities, specially after the manufacturer's support of the old device is
discontinued (end-of-life). This malware usually causes the IoT device to
deviate from its intended function for some nefarious purpose.
Part of any IoT Testing and Proof of Concept (PoC) includes addressing security
concerns by adding security monitoring solutions to prevent intrusions,
malware, etc in order to prevent the high failure rates of IoT projects.
While preventing malware through authentication, authorization and privacy is
a first defense, the IoT monitoring solution should detect behavior that is not
"normal". A usual test scenario then consists in reproducing cases of IoT devices
that deviate from their expected behavior. Unless you have a lab full of hacked
devices, this is not easy to do.
An IoT Simulator such as
MIMIC IoT Simulator is designed to easily recreate
scenarios meant to test your IoT monitoring solution for common hacking
scenarios, such as misbehaving IoT devices (eg. hacked devices sending unusual
Internet traffic, or accessing unauthorized resources), incorrectly configured
firewall or load-balancing rules, reported common vulnerabilities and exposures
(CVE) such as in this
article
.
The "normal" behavior of an IoT device can be characterized by the network
traffic it emits and the resources it accesses. Monitoring solutions can learn
this behavior and alert if it deviates from this pattern. MIMIC can control any
simulated device to behave differently at any point in time, and can easily create
different behaviors on demand. Thus, the monitoring solution can be exercised
to prove that it handles certain scenarios, such as higher traffic rates, network
traffic to different destinations and access to restricted resources. Since the
simulator creates reproducible scenarios, it can be part of regression tests
supporting an agile development cycle.
For example, this Youtube video demonstrates complete, dynamic, real-time
control of message generation rates in MIMIC.