Análisis de seguridad en smart home basado en la metodologia owasp asvs sobre un caso de estudio real.

Abstract

One of the most significant emerging technologies that has been incorporated into people's daily lives today is undoubtedly the Smart Home. However, they have been exposed to computer attacks that can threaten the privacy of users. In this sense, the need to apply vulnerability analysis on these systems is of the utmost importance, to know their security status. Currently, there are no methodologies for the development of these analyses, which are directly focused on the Smart Home. Due to this, in this project a vulnerability analysis based on the OWASP ASVS methodology was carried out, with the aim of studying the benefits and limitations of its application in home automation field. This methodology is focused on computer security in the development of web applications, in the same way it offers guides to improve the development environments of these systems. This project also implemented a Smart Home prototype, specifically an intelligent lighting system, in order to be able to perform the vulnerability analysis on a real environment and thus obtain true and reliable results. The evaluation of the Smart Home prototype was carried out through the execution of the following stages: general study of the verification requirements provided by the methodology, classification of the requirements, analysis of applicable and non-applicable requirements, investigation for the verification of requirements and the generation of the evaluation checklist. The results of the evaluation were interpreted through descriptive statistics, which allowed obtaining a clear and precise perception of the vulnerabilities found on the prototype.