software . 2022

Home Assistant Integrations for a Threat Model

Luca Mannella;
Open Access
  • Published: 13 May 2022
  • Publisher: Zenodo
To validate the threat model proposed in the paper: "A Threat Model for Extensible Smart Home Gateways", presented at SpliTech 2022. We developed three different integrations: switch_target, light_altering_state, and light_simple_access. For these testing components, we developed only the code necessary for the integrations to interact with Home Assistant. I.e., the developed plug-ins do not integrate any physical device. However, the lack of physical devices does not invalidate the outcomes of the analysis. The integrations could be easily expanded to interact with physical devices by developing an appropriate Python package or including an existing one. The light_simple_access and the light_altering_state integrations behave like lights with additional malicious characteristics. Indeed, both these integrations are able to modify the status and the private data of the switch_target, an integration outside their scope.
Persistent Identifiers
free text keywords: Home Assistant, Threat Model, Proof of concept, Gateway, Internet of Things, Cybersecurity, SpliTech
  • Rural Digital Europe
Download from
Open Access
Software . 2022
Providers: ZENODO
Any information missing or wrong?Report an Issue