Internet‐of‐Thing (IoT) is a rapid‐emerging technology that exploits the concept of internetwork to connect things such as physical devices and objects together. A huge number of things (6.4 billion are in use in 2016) are already acting without direct human control raising a lot of concerns about the readiness and appropriateness of existing security practices, techniques, and tools to secure the data collected and protect people's private lives. As a first step, this paper presses the importance of having a dedicated process for vetting IoT (by analogy to vetting mobile apps) with focus on exposing things' vulnerabilities that could be the primary source of attacks. These vulnerabilities are identified according to things' duties decomposed into sensing, actuating, and communicating. A set of questions shed light on things' vulnerabilities per type of duty.
Available at: http://works.bepress.com/zakaria-maamar/315/