Connectivity of AR devices is usually similar to that of many mobile computing and IoT technologies, with protocols such as Wi-Fi, Bluetooth, and NFC commonplace. The document The Industrial Internet of Things Volume G5: Connectivity Framework provides ample guidance on connectivity issues for the Industrial IoT and a description of common issues in implementing an IIoT connectivity stack.
AR connectivity protection profiles depend on a variety of factors, such as the existence of external gateways, firewalls, and deployment patterns. Hence, they are out of scope for this document but are critical for the enterprise to consider. At a minimum, the device owner/operator should understand all the network capabilities and threats associated with the AR devices, including all Open Systems Interconnection (OSI) model connectivity layers. Peripherals may use some of the connectivity capabilities with reduced authentication, opening additional attack vectors. For more information, refer to the guidance in the NIST documents described earlier.
In determining and communicating threats and attack vectors, it is advisable to provide a common nomenclature and identification schema. This will allow end customers and penetration testing groups to address specific threat areas of interest derived from specific customer concerns, which are normally described in narrative format. These attack categories can be used both to frame the scenario and to synchronize elements of concern with specific threats, exploits, and vulnerabilities.
Attack Objective | Target | Description |
Functionality Abuse | Device | Abuse of legitimate AR device tools (password recovery mechanisms, etc.). |
API Manipulation | Device | Exploitation of open device APIs to introduce additional threat vectors or achieve local device control. |
Authentication Bypass | Device | Direct attack on device authentication mechanisms. |
Authentication Elevation | Device | Transition attack from a valid user-level login to a privileged or root-level login. |
Physical Security Bypass | Device | Bypass of physical locking, biometrics, or location-based security mechanisms. |
Device Trust Abuse | Network | Exploitation of a legitimate trusted device to attack the host network. |
Device Credential Abuse | Network | Spoofing of legitimate device credentials to attack the host network on another device. |