Security Testing of a Smart Home Management System using Formal Method and Gray-box Testing

preprint OA: closed
View at publisher

Abstract

Abstract The increasing prevalence of Internet-of-Things (IoT) devices in households has led to a need for security testing. In a Smart Home system, the central management software is often used to control and automate the smart devices. However, it can be difficult to ensure the security of the centralized software that controls a wide selection of devices. In this paper, we present our study using the formal method and gray-box testing to analyze and validate the security of a popular Smart Home Management software: Home Assistant system. We based our study on the guidelines provided by the National Institute of Standards and Technology (NIST). The paper presents the details of our testing methods, results, discussion, and guidance for resolving any exposed vulnerabilities. Our testing results show that the Home Assistant system is vulnerable to a number of attacks, including denial-of-service attacks, data breaches, and unauthorized access. We recommend that Home Assistant developers take steps to address these vulnerabilities in order to improve the security of their systems. We hope that our study will help to raise awareness of the security risks associated with IoT devices and encourage developers to take steps to protect their users.

My notes (saved in your browser only)

Citation neighborhood (no data yet)

We don't have any in-corpus citations linked to this paper yet. The paper's references may be in our DB but unresolved to ``paper_id`` (resolution happens at ingest when the cited DOI matches a row we already have). Run the cross-source citation reconcile pass to retry.

Source provenance

europepmc
last seen: 2026-05-19T01:45:01.086888+00:00