#02 IoT Security Radar
The background The past year has seen the Internet of Things (IoT) reach private households on an unprecedented scale. Examples of devices with internet connectivity include smart TVs, connected lights, ...
The past year has seen the Internet of Things (IoT) reach private households on an unprecedented scale. Examples of devices with internet connectivity include smart TVs, connected lights, smart speakers and thermostats. The benefits of IoT come with an increased exposure to cyber security risks of which companies and private users are not sufficiently aware.
Imagine, Grandma buys a new smartphone. Her home is already well equipped with smart devices. One day she reads an interesting article about smart home hacks. She immediately calls her grandson, who is a smart skilled software engineer. She asks him whether he can recommend an app that shows all the funny connected devices in her home at one click to tell her that either she is secure or that there are vulnerabilities she has to take care of. Her Grandson is unable to recommend an app with these capabilities, and more importantly, one that is user friendly and easy to handle so that it suits Grandma´s digital fitness.
Develop an app for Grandma that is capable of detecting the IoT devices in her home environment, identifying vulnerabilities and guiding her visually to the affected devices. The app should make her sufficiently aware that she can call the grandson to resolve the potential security issues.
We provide you with access to Grandma’s living room and connected IoT devices that communicate via Bluetooth and/or Wifi. We also give you access to online vulnerability databases such as NVD or the ICS-CERT maintained database that can help you view the vulnerabilities of the IoT devices discovered. The vulnerability status of the devices should be represented on an augmented reality mapping of the environment. This should be done by using open source augmented reality SDK such as ARToolKit or EasyAR and identify IoT devices based on their network footprint. The solution should be able to do the following:
Identify IoT devices (e.g. at home) based on their wireless footprint (Bluetooth, Wifi etc.).
The IoT devices identified are assessed regarding their security level. This may be done by using specific vulnerability data about the identified devices from online databases, for example. The assessment should be designed in a way that produces easily understandable security/vulnerability levels, such as a red/amber/green rating.
The visualization of the detected security risks is an important consideration. You are free to decide how to visualize the identified IoT security risks. Your visualization should be easily understandable to non-technical or inexperienced users, to enable a broad number of users to identify, understand and mitigate IoT security risks. The visualization should therefore help the user to identify the IoT devices, understand the respective security/vulnerability level and know how to fix or mitigate any identified security issues.
Innovation level – Creativity level – User friendliness – Target performance
We looking forward to joining you for a highly creative group at the HackZurich 2017
Location: Newton 1009, 1st floor