Welcome to IoT Security Wiki.

It is an intiative to help developers and security researchers to get all security resource related to IoT devices. Although listing out all resources related to IoT is very difficult, but i have tried my best to list out Major technical material available.

As IoT is broadly based on four components: Embedded Systems, Cloud, Network, Mobile. We will have resource related to first three in this wiki and for Mobile we already have MobileSecurityWiki which is also my project.

If you find anything missing or have some resource to add, please add through contribute section.

Follow IoT Security Wiki on Twitter to get latest updates about IoT Security

Thanks!

Presentations

Presentation	Conference	Year	Author	Link
A Surface Area Approach to Pen-testing the IoT	Defcon 23	2015	Daniel Miessler	Video Slide
The Hand that Rocks the Cradle: Hacking IoT Baby Monitors	Defcon23	2015	Mark Stanislav	Video
Security of Wireless Home Automation Systems - A World Beside TCP/IP	Defon23	2015	Tobias Zillner & Sebastian Strobl	Slide
Securing the IoT World	Defcon 23	2015	Aaron Guzman	Video Slide
Yes, You Can Walk on Water: Application & Product Security on a Startup Budget	Defcon23	2015	Brian Knopf	Video
Cameras, Thermostats, and Home Automation Controllers - Hacking 14 IoT Devices	Defcon23	2015	Wesley Wineberg	Video Slide
Smart Hone Invasion	Defcon23	2015	Craig Young	Video Slide
Practical IoT Exploitation Workshop (MIPS/ARM)	Defcon23	2015	Lyon Yang	Video Slide
Advanced SOHO Router Exploitation	HITBGSEC	2015	Lyon Yang	Video Slide
Pwning IoT with Hardware Attacks	Defcon23	2015	Chase Schultz	Slide
SWEET SECURITY - Creating a Defensive Raspberry Pi	Defcon23	2015	Travis Smith	Slide
Securing the Internet of Things: Mapping Attack Surface Areas Using the OWASP IoT Top 10	RSA Conference	2015	Daniel Miessler	Link
IoT Security	BSides	2015	Justin C. Klein Keane	Video
Securing the Internet of Things	IoT Conference	2015	Paul Fremantle	Video
The Internet of Fails - Where IoT Has Gone Wrong	Defcon22	2014	Mark Stanislav & Zach Lanier	Video

WhitePapers

Research Studies

Title	Organization	Year	Link
The Internet of Things: Security Research Study	Veracode	2015	Link
Internet of Things Research Study	Hewlett Packard	2015	Link
Insecurity in Internet Of Things	Symantec	2015	Link
Securing the "Internet of Things" Survey	SANS	2014	Link

Research Papers

Title	Year	Link
Enhance Embedded System Security With Rust	2016	Link
Requirement of Security for IoT Application based on Gateway System	2015	Link
Threats Analysis, Requirements and Considerationsfor Secure Internet of Things	2015	Link
Hybrid Lightweight and Robust Encryption Design for Security in IoT	2015	Link
A Study on IP Exposure Notification System for IoT Devices Using IP Search Engine Shodan	2015	Link
Security Framework and Jamming Detection for Internet of Things	2015	Link
Personal Information Security and the IoT: The Changing Landscape of Data privacy	2015	Link
Design of the Secure Compiler for the IoT Services	2015	Link
On the design of lightweight link-layersecurity mechanisms in IoT systems	2015	Link
A Digital Door Lock System for the Internet of Things with Improved Security and Usability	2015	Link
Security Threats on National Defense ICT based on IoT	2015	Link
On the Security and Privacy of Internet of Things Architectures and Systems	2015	Link
Cyber Security for Intelligent World with Internet of Things and Machine to Machine Communication	2015	Link
Study on the Vulnerability Level of Physical Security AndApplication of the IP-Based Devices	2015	Link
ENERGY AWARE SECURITY ALGORITHM DECISION METHOD FOR INTERNET OF THINGS USING SSL/TLS FOR WIRELESS NETWORK	2015	Link
A Lightweight RFID Security Protocol Based on Elliptic Curve Cryptography	2015	Link
DTLS-HIMMO: Efficiently Securing a Post-Quantum World with a Fully-Collusion Resistant KPS	2015	Link
Study on a Secure Wireless Data Communication in Internet of Things Applications	2015	Link
IoT: The Internet of Threats and Static Program Analysis Defense	2015	Link
Event driven adaptive security in internet of things	2014	Link
Internet of Things: Architectural framework for eHealth security	2014	Link
Privacy and Security Issues for Healthcare System with Embedded RFID System on Internet of Things	2014	Link
An Approach for Cyber SecurityExperimentation Supporting Sensei/IoT forSmart Grid	2014	Link
Toward an Inverse-free Lightweight Encryption Scheme for IoT	2014	Link
Broadcast Based Registration Technique for Heterogeneous Nodes in the IoT	2014	Link
An Evaluation Scenario for Adaptive Security in eHealth	2014	Link
Security requirements of IoT-based smart buildings using RESTful Web Services	2014	Link
A survey on providing security to the wireless sensor networks integrated with IOT	2014	Link
IOT Secure Transmission Based on Integration of IBE and PKI/CA	2013	Link
An Empirical Research on InfoSec RiskManagement in IoT-based eHealth	2013	Link
Security and privacy challenge in data aggregation for the iot in smart cities	2013	Link
Designing a secure service manager for internet of things	2013	Link
Identity Authentication and Capability Based Access Control (IACAC) for the Internetof Things	2013	Link
Security Architecture of the Internet of Things Oriented to PerceptualLayer	2013	Link
Towards a Light Weight Internet of ThingsPlatform Architecture	2013	Link
A bi-direction authentication protocol for RFID based on the variable update in IOT	2013	Link
Novel Threshold Cryptography-based Group Authentication (TCGA)Scheme for the Internet of Things (IoT)	2013	Link
A Survey on Security Issues of M2M Communications in Cyber-Physical Systems.	2012	Link
Making Devices Trustworthy: Security and Trust Feedbackin the Internet of Things	2012	Link
A bi-directional security authentication architecture for the internet of vehicles	2012	Link
Security for Practical CoAP Applications:Issues and Solution Approaches	2011	Link
A Security Protocol Adaptation Layer for theIP-based Internet of Things	2011	Link
Security in the Internet of Things	2011	Link
Assessing the Security of Internet ConnectedCritical Infrastructures	2010	Link

OWASP Resources

Case Studies

Articles

Firmware Analysis

Binwalk - Binwalk is a fast, easy to use tool for analyzing, reverse engineering, and extracting firmware images.
Reversing Firmware Part 1
Embedded Devices Security and Firmware Reverse Engineering

IoT Development Tools

Arduino - Arduino is an open-source electronics platform based on easy-to-use hardware and software. It's intended for anyone making interactive projects.
Eclipse IoT Project - IoT needs open source to be successful. Eclipse IoT simplifies IoT development.
Kinoma - Kinoma’s platform is optimized for connected, high-performance consumer electronics and Internet of Things (IoT) products. Build rich consumer experiences that orchestrate connected devices, their companion apps, and cloud services.
M2M Labs MainSpring - M2MLabs Mainspring is an open source application framework for building machine to machine (M2M) applications such as remote monitoring, fleet management or smart grid.
Node-RED - Node-RED is a tool for wiring together hardware devices, APIs and online services in new and interesting ways.
Particle - Particle is a prototype-to-production platform for developing an Internet of Things product.
PlatformIO - PlatformIO IDE is the missing integrated development environment which provides comprehensive facilities for IoT development:
ThingBox - The ThingBox is a set of software already installed and configured. The ThingBox allows anyone to graphically create new unlimited applications interacting with connected objects from a simple web-browser.

IoT Hardware Platforms

Arduino - Arduino is an open-source electronics platform based on easy-to-use hardware and software. It's intended for anyone making interactive projects.
- Arduino Nano]
- Arduno Pro Mini
- Arduino Uno
- Arduino Yún
Arietta G25 - Arietta G25 - Low cost Linux embedded module
BeagleBoard - Get your hands in technology's guts and control your development destiny with these credit-card sized, low-power, open-hardware computers. Experiment with Linux, Android and Ubuntu and jump-start development in five minutes with the included USB cable.
Flutter - Flutter is a programmable processor core for electronics projects, designed for hobbysits, students, and engineers. Flutter features a fast ARM processor, powerful long-range wireless communication, built-in battery charging, and an onboard security chip, making Flutter an ideal choice for robotics, wireless sensor networks, consumer electronics, and educational platforms.
Imuduino - The smallest Arduino Leonardo compatible clone, feature packed with USB keyboard/mouse emulation, on-board Bluetooth LE, real-time orientation and motion sensing IMU, and 10V max voltage regulator. Works with Android and iOS devices
Intel Edison - The Intel Edison is a tiny computer offered by Intel as a development system for wearable devices and Internet Of Things.
Intel Galileo - The Intel® Galileo Gen 2 development board is a microcontroller board based on the Intel® Quark™ SoC X1000 application processor, a 32-bit Intel® Pentium® brand system on a chip (SoC). It is the first board based on Intel® architecture designed to be hardware and software pin-compatible with shields designed for the Arduino Uno R3.
LightBlue Bean - With Bean, you can program wirelessly from any of your devices. No more unscrewing screws and ungluing glue.
MicroDuino - Microduino presents the world’s smallest series of Arduino-compatible smart modules that are small, flexible, stackable and powerful, and can be used to create a limitless amount of DIY projects.

Home Automation Software

Eclipse SmartHome - The framework is designed to run on embedded devices, such as a Raspberry Pi, a BeagleBone Black or an Intel Edison. It requires a Java 7 compliant JVM and an OSGi (4.2+) framework, such as Eclipse Equinox.
Home Gateway Initiative - The HGI Open Platform 2.0 suite captures home gateway software modularity requirements and provides remote test tools that form a cornerstone of many of the operators’ and vendors’ home gateway strategy.
Ninja Blocks - Ninja Sphere is both a hardware and software platform designed to seamlessly bridge your smart devices together. By connecting to products from various brands, your home can start using them in new and exciting ways.
openHAB - a vendor and technology agnostic open source automation software for your home. Build your smart home in no time!
PrivateEyePi - This is a Raspberry Pi projects website aimed at the Raspberry Pi enthusiast wanting to build home security/automation systems and at the same time learn programming and electronics.
RaZberry - The Razberry platform adds all the components needed to turn a Raspberry PI board into a fully operational and inexpensive Z-Wave gateway.

Middleware

IoTSyS - IoTSyS is an integration middleware for the Internet of Things. It provides a communication stack for embedded devices based on IPv6, Web services and oBIX to provide interoperable interfaces for smart objects. Using 6LoWPAN for constrained wireless networks and the Constrained Application Protocol together with Efficient XML Interchange an efficient stack is provided allowing using interoperable Web technologies in the field of sensor and actuator networks and systems while remaining nearly as efficient regarding transmission message sizes as existing automation systems.
Kaa - Kaa IoT Platform — 100% open-source Internet of Things middleware platform for everyone.
OpenIoT - The OpenIoT middleware infrastructure will support flexible configuration and deployment of algorithms for collection, and filtering information streams stemming from the internet-connected objects, while at the same time generating and processing important business/applications events.
OpenRemote - OpenRemote is software integration platform for residential and commercial building automation. OpenRemote platform is automation protocol agnostic, operates on off-the-shelf hardware and is freely available under an Open Source license. OpenRemote's architecture enables fully autonomous and user-independent intelligent buildings. End-user control interfaces are available for iOS and Android devices, and for devices with modern web browsers. User interface design, installation management and configuration can be handled remotely with OpenRemote cloud-based design tools.

Operating Systems

AllJoyn - The AllJoyn framework defines a common way for devices and apps to communicate with one another regardless of brands, categories, transports, and OSes. Developers write applications that discover nearby devices, and communicate with each other directly and through the cloud, unleashing new possibilities in the Internet of Things.
Brillo - Brillo brings the simplicity and speed of software development to hardware for IoT with an embedded OS, core services, developer kit, and developer console.
Contiki - Contiki is an open source operating system for the Internet of Things. Contiki connects tiny low-cost, low-power microcontrollers to the Internet.
JaneOS - JanOS is an operating system designed to run on the chipset of mobile phones. It runs without a screen, and allows you to access all phone functionality, from calling to the camera, through JavaScript APIs.
OpenWSN - The Internet of Things enables great applications, such as energy-aware homes or real-time asset tracking. With these networks gaining maturity, standardization bodies have started to work on standardizing how these networks of tiny devices communicate.
Rasbian - Raspbian is a free operating system based on Debian optimized for the Raspberry Pi hardware. An operating system is the set of basic programs and utilities that make your Raspberry Pi run. However, Raspbian provides more than a pure OS: it comes with over 35,000 packages, pre-compiled software bundled in a nice format for easy installation on your Raspberry Pi.
RIOT - The friendly Operating System for the Internet of Things. Make your applications ready for the smaller things in the Internet with common system support.
- 6LoWPAN, IPv6, RPL, and UDP
- CoAP and CBOR
- Static and dynamic memory allocation
- High resolution and long-term timers
- Tools and utilities (System shell, SHA-256, Bloom filters, ...)
TinyOS - TinyOS is an open source, BSD-licensed operating system designed for low-power wireless devices, such as those used in sensor networks, ubiquitous computing, personal area networks, smart buildings, and smart meters.
Windows 10 IoT Core OS - Discover the features and functionality that Windows 10 IoT Core provides. It’s ease of Windows combined with the power of IoT.
Zephyr - Zephyr Project is a small, scalable real-time operating system for use on resource-constrained systems supporting multiple architectures. Developers are able to tailor their optimal solution. As a true open source project, the community can evolve the Zephyr Project to support new hardware, developer tools, sensor and device drivers. Advancements in security, device management capabilities, connectivity stacks and file systems can be easily implemented.

IoT App Development Protocols

Contribute

It is awesome to see that you want to contribute in this wiki, which would directly help the community. Please follow one of the ways from below to include tool/resource in this wiki-

Tweet the resource to @IoTSecurityWiki or @exploitprotocol
Send an email to [email protected]

Please let me know if you have any suggestions.

Below is the list of the awesome folks who contributed to this wiki-