Abstract
The Internet of Things (IoT), connecting things like home appliances and rescue robots to the Internet, is becoming the next revolutionary technology. However, with the IoT penetrating the physical world, potential risks and vulnerabilities cast a shadow upon the dawn of the IoT. Authentication, or verifying the genuineness of smart devices and establishing trust for critical infrastructure, plays a vital role in the realization of the IoT. Testbeds for experimental IoT research have flourished, most focusing on usability issues such as scalability and heterogeneity. With an affordable IoT testbed at a university lab, experiments using tools categorized by SANS Critical Security Controls are conducted from both offense and defense sides. This work focuses on smartcards and physical unclonable functions (PUF) for device authentication, following NIST Guide for Assessing Security Controls. Innovative workflows of authentication protocols are proposed and analyzed. The study prepares the future workforce for a secure IoT.