A Novel IoBT Security Assessment Framework: LoRaWAN Case Study
Abstract
The Internet of Things (IoT) is interesting because this potentially disruptive technology can also be used as a
low-cost approach to augment information in military systems. This makes following IoT trends important when
considering the future of command and control systems. However, it is critical to make sure that employing
IoT for defense purposes, the so-called Internet of Battle eld Things (IoBT), does not introduce unacceptable
security risks into the missions. Because of the large variety of devices and the di erent ways in which they
can be used, there is no one-size- ts-all security solution, and individual assessments would, ideally, have to be
performed for each speci c case. This can quickly become an unmanageable overhead in the mission-planning
phase, which can lead to either discarding the technology or using it in an insecure way.
In this paper, we discuss a more systematic and e cient approach to assess and manage the security risks
associated with IoBT. We outline a modular framework where mission-dependent security requirements can be
derived and tested against actual security assessments of relevant IoT devices and technologies. Residual risk can
then be identi ed and systematically reduced to an acceptable level where possible. We evaluate the framework
by assessing the security of two implementations of the Long Range Wide Area Network (LoRaWAN) protocol
in two different military scenarios.
Description
Mancini, Federico; Johnsen, Frank T..
A Novel IoBT Security Assessment Framework: LoRaWAN Case Study. International Command and Control Research and Technology Symposium (ICCRTS) proceedings 2020