SEPP: Security Education and Penetration-Testing Platform for IoT

James Alexander Gordon on 5th March 2025



Author Information

Dominic Hauser, Ostbayerische Technische Hochschule Regensburg, Germany
Julian Graf, Ostbayerische Technische Hochschule Regensburg, Germany
Sebastian Fischer, Ostbayerische Technische Hochschule Regensburg, Germany
Rudolf Hackenberg, Ostbayerische Technische Hochschule Regensburg, Germany

Abstract

The Internet of Things (IoT) is becoming a major part of our everyday lives, offering convenience and smarter solutions, but also bringing significant security challenges. While theoretical knowledge in IoT security is essential, studies have shown that practical content can be an essential part of internalizing understanding. To address this, we developed the Security Education and Penetration-Testing Platform (SEPP) as the practical component of an existing IoT security course at the Ostbayerische Technische Hochschule (OTH) Regensburg. SEPP uses real IoT devices like smart locks, cameras, and plugs, simulating a smart home environment to make learning interactive and engaging. Students can explore vulnerabilities, conduct penetration tests, and document their findings through structured exercises. By working on tasks like network scanning, analyzing data traffic, and simulating attacks, students gain a deeper understanding of IoT security risks. Initial tests show that this approach helps students apply their theoretical knowledge and significantly improve their practical skills. This paper explains how SEPP was built, the exercises it offers, and why it’s an important step forward in teaching IoT security effectively. Furthermore, we aim to share the findings and tasks from this paper with other universities, providing them with a solid foundation to teach practical IoT security knowledge in their own courses.


Paper Information

Conference: ECE2025
Stream: Educational Research

This paper is part of the ECE2025 Conference Proceedings (View)
Full Paper
View / Download the full paper in a new tab/window

To cite this article:
Hauser D., Graf J., Fischer S., & Hackenberg R. (2025) SEPP: Security Education and Penetration-Testing Platform for IoT ISSN: 2188-1162 The European Conference on Education 2025: Official Conference Proceedings (pp. 443-453) https://doi.org/10.22492/issn.2188-1162.2025.36
To link to this article: https://doi.org/10.22492/issn.2188-1162.2025.36

Comments & Feedback

Place a comment using your LinkedIn profile

Comments

Share on activity feed

Powered by WP LinkPress

Share this Research

Posted by James Alexander Gordon

All Posts