LoRaWAN Security: An Evolvable Survey on Vulnerabilities, Attacks and their Systematic Mitigation

Abstract

The changing vulnerability and threat landscape constantly challenge the security of wireless communication standards and protocols. For the Internet of Things (IoT), LoRaWAN is one of the dominant technologies for urban environments, industrial settings, or critical infrastructures due to its low-power and long-range capabilities. LoRaWAN IoT deployments are expected to operate for multiple years or even decades. Hence, it is imperative to maintain operational security at all times while continuously evolving the security of the standard and its implementations. We survey LoRaWAN security and follow a systematic and evolvable approach that can be dynamically updated. To this end, we propose a novel methodology to create evolvable surveys which relate the analyzed critical security concepts, thus allowing IT security experts to reason about LoRaWAN security properties over time. With this, we provide a tool to hardware manufacturers, software developers and providers, and network operators to achieve sustainable security for IoT deployments.