College of Science & Engineering
College of Science & Engineering
Contact us

Smart home systems need to improve security

The security of smart domestic appliances that can be managed remotely must be improved to better protect users’ privacy, research suggests.

Experts have identified steps that manufacturers could take to improve the products’ security, in a market that is forecast to be worth £80 billion by 2022.

Design flaws

They have identified flaws in the design of home automation systems, which could enable theft of passwords or other sensitive information, scientists say.

These weaknesses could also allow online attackers to interfere with the use of domestic devices, potentially causing stress and damage to their victims.

Researchers at the University studied the security of Belkin WeMo, which is among the most popular smart home ecosystems.

App weaknesses

The team in the School of Informatics found vulnerabilities in the design of the smartphone app that is used to control smart appliances, and in the way in which these devices are configured to use home WiFi networks.

These weaknesses could enable cyber attackers to obtain users’ WiFi passwords and access to their online activities.

Phishing potential

Researchers were also able to connect a fake device, created using computer code, which can appear to the user as a legitimate smart appliance.  This has the potential to underpin phishing attacks – in which users are misled into disclosing account details that attackers can use to access other online accounts and private information.

The team have developed ways to help manufacturers remove similar weaknesses from designs and improve security.

Their findings will be presented at the 2019 IEEE International Conference on Pervasive Computing and Communications in Kyoto, Japan. The research was funded in part by the UK National Cyber Security Center.

Smart home systems and the many benefits they offer are proving popular with consumers. It is important that these are developed with security in mind, and that regulations keep pace with developments in technology and its applications.

Dr Paul PatrasSchool of Informatics

Related links

School of Informatics

Study undergraduate Computing Science (Informatics) at the University of Edinburgh

Study postgraduate Computing and Informatics at the University of Edinburgh

This article was published on