This step provides a solid foundation for understanding not only the expected functionality of the IoT system, but also the potential misuse of the system. There are three sub-steps to this part of the threat modeling process:
- Start with documenting expected functionality.
- Create an architectural diagram that details the new IoT system. During this process, trust boundaries in the architecture should be established. Trust boundaries should elucidate the trust between actors and their directionality.
- Identify technologies used within the IoT system.
Documentation of system functionality is best accomplished by creating a set of use cases such as those that follow:
Use case 1: Customer pays ... |