Organizations may need to consider a broader cyber ecosystem than their deployed on-premises and cloud-based systems, according to Intel Security’s Christopher Young, who addressed the issue at the 2017 RSA Conference.[1] Smart homes are increasingly becoming part of an organization’s comprehensive attack surface[2] as more employees take the opportunity to work from home. A smart home threat model is therefore needed to understand the upstream threats introduced to organizations by employees working from home.

Why a Smart Home Threat Model Matters

While organizations spend significant resources on traditional intrusion detection and defensive technologies, adversaries creatively search for new or low-security attack vectors through which they can enter your system. The employee who works from an IoT-enabled smart home may provide the perfect pathway directly past your organization’s defensive technologies. Organizations, therefore, need a quantifiable understanding of the potential upstream threats posed by employees logging in from home to better manage their comprehensive attack surface.


February’s Threat Model of the Month

As the first in the series Threat Model of the Month, we are presenting a smart home threat model. This is a very high-level threat model which shows only a couple of smart home components but can be easily expanded to show threats related to Smart TVs, Smart Refrigerators, and so forth.

In this threat model, a Smart Home Gateway (Gateway) communicates with intrusion sensors over the ZigBee protocol, with smart door locks over Bluetooth, and with other IoT devices over standard communication protocols. The Gateway connects to the Wi-Fi router, which is connected to the Cable Modem. As a backup, the Gateway also connects to the Cell Tower using the 3G protocol. Homeowners (Users) can connect to a Cloud App from their mobile or tablet to check the status of the intrusion sensors or open/close the smart door locks.

Each communication protocol comes with its own set of potential threats. The ZigBee protocol between the intrusion sensors and the smart home gateway, for example, is a standard protocol for IoT devices. While ZigBee has many benefits that make it ideal for use with IoT devices, its downside is that malicious actors can quickly circumvent the home’s firewall or other security systems and send malicious instructions to the IoT devices and to any system connected to the home network.[3]
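The following added example (not part of the original article or of ThreatModeler) encodes the data flows described above as a graph and compares what is reachable from the ZigBee and Bluetooth device links on a flat home network versus one where the router isolates the IoT gateway. The `Home Network Systems` node, the bidirectional treatment of flows and the `SEGMENTED` mitigation are assumptions made for illustration.

```python
from collections import deque

# Data flows named in the threat model description: (endpoint A, endpoint B, protocol).
# "unspecified" marks links whose protocol the description does not give.
FLOWS = [
    ("Intrusion Sensors", "Smart Home Gateway", "ZigBee"),
    ("Smart Door Locks", "Smart Home Gateway", "Bluetooth"),
    ("Smart Home Gateway", "Wi-Fi Router", "unspecified"),
    ("Smart Home Gateway", "Cell Tower", "3G"),
    ("Wi-Fi Router", "Cable Modem", "unspecified"),
    # Assumption: the work laptop and other home systems sit on the router's LAN.
    ("Wi-Fi Router", "Home Network Systems", "unspecified"),
]

# Short-range radio links to IoT devices, as named in the description.
RADIO_ENTRY = {"ZigBee", "Bluetooth"}

# Hypothetical mitigation: the router does not forward IoT-segment traffic to the LAN.
SEGMENTED = frozenset({frozenset(("Wi-Fi Router", "Home Network Systems"))})


def reachable(start, blocked=frozenset()):
    """Breadth-first search over the flows, treated as bidirectional (assumption).
    Returns {component: shortest path from start}; blocked edges are not followed."""
    paths = {start: [start]}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        for a, b, _ in FLOWS:
            if frozenset((a, b)) in blocked or node not in (a, b):
                continue
            nxt = b if node == a else a
            if nxt not in paths:
                paths[nxt] = paths[node] + [nxt]
                queue.append(nxt)
    return paths


def exposure(blocked=frozenset()):
    """For each radio link, the components reachable from its device end."""
    return {p: reachable(a, blocked) for a, _, p in FLOWS if p in RADIO_ENTRY}


if __name__ == "__main__":
    for label, blocked in (("flat network", frozenset()), ("IoT isolated", SEGMENTED)):
        for proto, paths in exposure(blocked).items():
            hit = paths.get("Home Network Systems")
            print(label, proto, " -> ".join(hit) if hit else "home systems not reachable")
```

On the flat network both radio links reach every home system through the Gateway and router; with the assumed isolation rule the Gateway keeps its path to the Cable Modem while the rest of the home network drops out of the reachable set.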



[1] Pudwell, Sam. “Smart Home Attacks and Data Weaponisation: The New Threat Vectors For 2017 And Beyond.” Silicon. NetMediaEurope: London. February 17, 2017.

[2] Agarwal, Anurag (Archie). : The Comprehensive Attack Surface.” Anurag Agarwal. Peerlyst: San Francisco. December 1, 2016.

[3] Beyst, Brian. “How Many Light Bulbs does it Take to Screw up your Life?” Brian Beyst. Peerlyst: San Francisco. November 11, 2016.


