Book chapters
In the following list, you can find more information about Dr. Erlijn van Genuchten's book chapters.
Book chapters
In the following list, you can find more information about Dr. Erlijn van Genuchten's book chapters.
Cybersecurity
Securing IoT devices in a targeted way. A scenario-based approach to penetration testing
van Genuchten, E., Grasmück, O. (2020). IoT-Geräte gezielt absichern. In: Sowa, A. (eds) IT-Prüfung, Datenschutzaudit und Kennzahlen für die Sicherheit. Springer Vieweg, Wiesbaden.
This chapter presents a scenario-based approach for efficient security testing of IoT devices. It defines a test scope focused on the essentials in five steps and thus allows IoT manufacturers to act in a budget- and security-conscious manner via a prioritization matrix when launching IoT products on the market. The aim of the proposed approach is explicitly a focused, rather than comprehensive, security test of IoT components. In view of the fact that the topic of “security for IoT components” is still often neglected, core security is already a big step forward. Even smaller manufacturers can thus not only become more secure, but also significantly more marketable without major financial outlay, thereby gaining a competitive advantage. In the near future, IoT penetration tests should be a natural part of every development process.
The IoT-penetration test
van Genuchten, E., Schreiber, S. (2017). Der IoT-Penetrationstest. In: Sowa, A. (eds) IT-Prüfung, Sicherheitsaudit und Datenschutzmodell. Springer Vieweg, Wiesbaden.
What can manufacturers of Internet of Things devices do to better secure these smart devices against digital attackers? One effective method is to perform IoT penetration tests. The aim of these security analyses is to uncover security gaps and vulnerabilities that exist, even if security and data protection requirements have been taken into account in an adequate product or system design. With appropriate testing procedures, potential risks in IoT devices can be reduced at the level of the web application or mobile app, the back end or the hardware. From this perspective, the IoT penetration test is a key instrument for minimizing risk and should therefore be carried out before or at the latest shortly after the market launch. The project plan presented as an example can serve as a guide for manufacturers, auditors, certifiers and reviewers to integrate appropriate tests into the testing process of their IoT devices.
Copyright © 2022 Sustainable Decisions All rights reserved.