Many security protocols can sustain attacks against vulnerabilities introduced either in the protocol design (specification), implementation, and even configuration stages (in which different, viable protocol options are set). For example, researchers found while testing a ZigBee-based consumer IoT implementation that the protocol was designed for easy setup and usage but lacked configuration possibilities for security and performed vulnerable device pairing procedures. These procedures allow external parties to sniff the exchanged network key during the ZigBee pairing transaction and gain control of the ZigBee device. Understanding the limitations of a chosen protocol is absolutely critical to determining what additional ...