Kasutaja tarvikud

Lehe tööriistad


test-cases-for-zigbee-security-testing

Test cases for ZigBee security testing

  1. Verify that the network is using encryption on the lowest layer (MAC, NWK, APS) necessary to withstand attacks that are typical of the threats in the network under test.
  2. Verify that the network is using integrity protection on the lowest layer (MAC, NWK, APS) necessary to withstand attacks that are typical of the threats in the network under test.
  3. Verify that the network is using data freshness protection on the lowest layer (MAC, NWK, APS) necessary to withstand attacks that are typical of the threats in the network under test.
  4. Verify that the an out-of-band method is used to transport the network key or the key-transport key to a new node. Alternatively, verify that the transmission power is lowered during key transport.
  5. Verify that the encryption keys are unique within the network and among other networks originating from the same manufacturer.
  6. Verify that the encryption keys are generated using an input from a random number generator and are not based on the device serial number or other guessable information.
  7. Verify that the used ZigBee microcontrollers do not have any known security vulnerabilities that make local key extraction possible.
  8. Verify that a time-, join- and/or leave based key update policy is enforced.
  9. Verify that ZigBee networks utilizing 2.4 GHz band will adopt a new channel in case the existing channel is occupied.
  10. Verify that, in case of power outage, the critical nodes and paths remain working.
  11. Verify that the packet counter value is stored in non-volatile memory.
  12. Verify that, in case of radio jamming attacks, the battery-powered nodes will not unnecessarily consume power.
  13. Verify that the ZigBee gateway is behind a firewall that controls both incoming and outgoing traffic.
  14. Verify that both incoming and outgoing connections from the ZigBee gateway are utilizing mutual authentication and traffic encryption.
  15. Verify that ZigBee nodes have a tamper detection mechanism that erases encryption keys if tampering is detected.
  16. Verify that an ACL is enforced on all network nodes to accept packets only from authorized nodes.
Viimati muudetud 2015-05-20 Mait Peekma

Lehekülje tarvikud