@article{22121f35cdf244e6a6fd2c690bb75c43,
title = "Reviewing IoT Security via Logic Bugs in IoT Platforms and Systems",
abstract = "In recent years, Internet-of-Things (IoT) platforms and systems have been rapidly emerging. Although IoT is a new technology, new does not mean simpler (than existing networked systems). Contrarily, the complexity (of IoT platforms and systems) is actually being increased in terms of the interactions between the physical world and cyberspace. The increased complexity indeed results in new vulnerabilities. This article seeks to provide a review of the recently discovered logic bugs that are specific to IoT platforms and systems and discuss the lessons we learned from these bugs. In particular, 20 logic bugs and one weakness falling into seven categories of vulnerabilities are reviewed in this survey.",
author = "Wei Zhou and Chen Cao and Dongdong Huo and Kai Cheng and Lan Zhang and Le Guan and Tao Liu and Yan Jia and Yaowen Zheng and Yuqing Zhang and Limin Sun and Yazhe Wang and Peng Liu",
note = "Funding Information: Manuscript received August 29, 2020; revised December 11, 2020; accepted January 30, 2021. Date of publication February 16, 2021; date of current version July 7, 2021. The work of Wei Zhou was supported in part by the National Natural Science Foundation of China under Grant U1836210; in part by the National Key Research and Development Program of China under Grant 2018YFB0804701; and in part by CSC Scholarship. The work of Chen Cao was supported by the Institute for Computational and Data Sciences at the Pennsylvania State University through an ICDS Grant. The work of Yan Jia was supported by CSC Scholarship. The work of Yuqing Zhang was supported in part by the National Natural Science Foundation of China under Grant U1836210, and in part by the National Key Research and Development Program of China under Grant 2018YFB0804701. The work of Limin Sun was supported by the Key Program of National Natural Science Foundation of China under Grant U1766215. The work of Yazhe Wang was supported by the National Key Research and Development Program of China under Grant 2019YFB1706000. The work of Peng Liu was supported in part by ARO under Grant W911NF-13-1-0421 (MURI), and in part by NSF under Grant CNS-1814679 and CNS-2019340. (Chen Cao, Dongdong Huo, Kai Cheng, Lan Zhang, Le Guan, Tao Liu, Yan Jia, and Yaowen Zheng contributed equally to this work.) (Corresponding author: Yuqing Zhang.) Wei Zhou is with the National Computer Network Intrusion Protection Center, University of Chinese Academy of Sciences, Beijing 100000, China (e-mail: zhouw@nipc.org.cn). Publisher Copyright: {\textcopyright} 2014 IEEE.",
year = "2021",
month = jul,
day = "15",
doi = "10.1109/JIOT.2021.3059457",
language = "English (US)",
volume = "8",
pages = "11621--11639",
journal = "IEEE Internet of Things Journal",
issn = "2327-4662",
publisher = "Institute of Electrical and Electronics Engineers Inc.",
number = "14",
}