Threat landscape and good practice guide for smart home and converged media
The study identifies threats to all asset classes, across the several alternative design pathways to smart homes. As it develops, the smart home will exhibit a high cyber security risk profile for the individual context, with additional systematic effects on broader information security. Highlights of this study are: - Not all smart homes are created equally. There are multiple design pathways that lead to functional smart homes, ranging between localised and integrated home-automation systems. These pathways have their own security and privacy peculiarities, but also have shared issues and... vulnerabilities. - Smart homes will have significant privacy and data protection impacts. The increased number of interlinked sensors and activity logs present and active in the smart home will be a source of close, granular and intimate data on the activities and behaviour of inhabitants and visitors. - Several economic factors may lead to poor security in smart home devices. Companies involved in the smart home market include home appliance companies, small start-up companies, and even crowd-funded efforts. These groups are likely to lack security expertise, security budgets and access to security research networks and communities. - The interests of different asset owners in the smart home are not necessarily aligned and may even be in conflict. This creates a complex environment for security activity. - Just as in many other areas of ICT, applying basic information security would significantly increase overall security in the smart home domain. The smart home is a point of intense contact between networked information technology and physical space. This will create new yet unknown threat and vulnerability models that are result of bringing together both the virtual and physical contexts.