Vulnerability assessment of IoT-based Smart Lighting Systems

Abstract: This study addresses the significant gap in literature regarding the security risks of smart lighting systems integrated within the Internet of Things (IoT) in commercial-industrial buildings. Utilizing the OCTAVE Allegro methodol-ogy(Caralli, Stevens, Young, & Wilson, 2007), a thorough risk assessment was performed, focusing on four main information assets: sensor data, sensors and their controllers, the centralized control server data of the Smart Lighting Sys-tems (SLS), and device identifiers and authentication credentials.Threats and impacts related to each asset were identified, revealing a set of vul-nerabilities inherent in the use of smart lighting systems. Concurrently, the study proposes countermeasures, which include robust technical controls, reg-ular security audits, user awareness programs, redundancy systems, and intru-sion detection mechanisms.The findings of this research underscore the potential for mitigating the secu-rity risks associated with smart lighting systems in commercial-industrial set-tings, thereby fostering a more secure and reliable implementation of these sys-tems. The conclusions drawn serve as a springboard for further research in en-hancing the security of smart lighting systems within the IoT ecosystem.