Next Article in Journal
A Real Case of Implementation of the Future 5G City
Previous Article in Journal
Harnessing machine learning for fiber-induced nonlinearity mitigation in long-haul coherent optical OFDM
Previous Article in Special Issue
“Network Sentiment” Framework to Improve Security and Privacy for Smart Home
Open AccessArticle

Security Risk Analysis of LoRaWAN and Future Directions

1
Information Systems and Technology, Mid Sweden University, 851 70 Sundsvall, Sweden
2
School of Engineering (DEI/ISEP), Polytechnic of Porto (IPP), 4200-072 Porto, Portugal
*
Author to whom correspondence should be addressed.
Future Internet 2019, 11(1), 3; https://doi.org/10.3390/fi11010003
Received: 20 November 2018 / Revised: 17 December 2018 / Accepted: 18 December 2018 / Published: 21 December 2018
(This article belongs to the Special Issue IoT Security and Privacy)
LoRa (along with its upper layers definition—LoRaWAN) is one of the most promising Low Power Wide Area Network (LPWAN) technologies for implementing Internet of Things (IoT)-based applications. Although being a popular technology, several works in the literature have revealed vulnerabilities and risks regarding the security of LoRaWAN v1.0 (the official 1st specification draft). The LoRa-Alliance has built upon these findings and introduced several improvements in the security and architecture of LoRa. The result of these efforts resulted in LoRaWAN v1.1, released on 11 October 2017. This work aims at reviewing and clarifying the security aspects of LoRaWAN v1.1. By following ETSI guidelines, we provide a comprehensive Security Risk Analysis of the protocol and discuss several remedies to the security risks described. A threat catalog is presented, along with discussions and analysis in view of the scale, impact, and likelihood of each threat. To the best of the authors’ knowledge, this work is one of the first of its kind, by providing a detailed security risk analysis related to the latest version of LoRaWAN. Our analysis highlights important practical threats, such as end-device physical capture, rogue gateway and self-replay, which require particular attention by developers and organizations implementing LoRa networks. View Full-Text
Keywords: internet of things; sensor node; LPWAN; attacks; threats; vulnerabilities; IoT; analysis; risk; assessment; low power; LoRa; v1.1 internet of things; sensor node; LPWAN; attacks; threats; vulnerabilities; IoT; analysis; risk; assessment; low power; LoRa; v1.1
Show Figures

Figure 1

MDPI and ACS Style

Butun, I.; Pereira, N.; Gidlund, M. Security Risk Analysis of LoRaWAN and Future Directions. Future Internet 2019, 11, 3.

Show more citation formats Show less citations formats
Note that from the first issue of 2016, MDPI journals use article numbers instead of page numbers. See further details here.

Article Access Map

1
Back to TopTop