TY - GEN
T1 - A formal security analysis of ZigBee (1.0 and 3.0)
AU - Li, Li
AU - Podder, Proyash
AU - Hoque, Endadul
N1 - Publisher Copyright:
© 2020 ACM.
PY - 2020/9/21
Y1 - 2020/9/21
N2 - The rapid increase in the number of IoT devices in recent years indicates how much financial investment and efforts the tech-industries and the device manufacturers have put in. Unfortunately, this aggressive competition can give rise to poor quality IoT devices that are prone to adversarial attacks. To make matter worse, these attacks can compromise not only security but also safety, since an IoT device can directly operate on the physical world. Many recently reported attacks are due to the insecurity present in the underlying communication protocol stacks, and ZigBee is one of them. Considering the emergence and adoption of ZigBee 3.0 and the current market share of ZigBee 1.0, it is essential to study and analyze these protocol stacks at their specification level so that any insecurity at the specification level should be identified and fixed before they go into production. With that goal in mind, in this paper, we develop a model for ZigBee (1.0 and 3.0) and reason about its security properties using a security protocol verification tool (named Tamarin). Our model of ZigBee closely follows the ZigBee specification, and the security properties are derived from the ZigBee specification. We use Tamarin to verify these properties on our model and report our findings on ZigBee 1.0 and ZigBee 3.0.
AB - The rapid increase in the number of IoT devices in recent years indicates how much financial investment and efforts the tech-industries and the device manufacturers have put in. Unfortunately, this aggressive competition can give rise to poor quality IoT devices that are prone to adversarial attacks. To make matter worse, these attacks can compromise not only security but also safety, since an IoT device can directly operate on the physical world. Many recently reported attacks are due to the insecurity present in the underlying communication protocol stacks, and ZigBee is one of them. Considering the emergence and adoption of ZigBee 3.0 and the current market share of ZigBee 1.0, it is essential to study and analyze these protocol stacks at their specification level so that any insecurity at the specification level should be identified and fixed before they go into production. With that goal in mind, in this paper, we develop a model for ZigBee (1.0 and 3.0) and reason about its security properties using a security protocol verification tool (named Tamarin). Our model of ZigBee closely follows the ZigBee specification, and the security properties are derived from the ZigBee specification. We use Tamarin to verify these properties on our model and report our findings on ZigBee 1.0 and ZigBee 3.0.
KW - Protocol verification
KW - Symbolic analysis
KW - ZigBee
UR - http://www.scopus.com/inward/record.url?scp=85090503103&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85090503103&partnerID=8YFLogxK
U2 - 10.1145/3384217.3385617
DO - 10.1145/3384217.3385617
M3 - Conference contribution
AN - SCOPUS:85090503103
T3 - ACM International Conference Proceeding Series
SP - 101
EP - 111
BT - Proceedings of the 7th Symposium on Hot Topics in the Science of Security, HotSoS 2020
PB - Association for Computing Machinery
T2 - 7th Symposium on Hot Topics in the Science of Security, HotSoS 2020
Y2 - 22 September 2020 through 24 September 2020
ER -