ETSI M2M IoT-A
MAS data
Disclosure of identities and cryptographic materialThreat 7: Deletion of Long-Term Service-
Layer Keys Stored in the MSBF/MAS
Attacker gains knowledge of sensitive exchanged
data
Disclosure of identities and cryptographic materialThreat 8: Discover Keys by
Eavesdropping on Communications
Between Entities
Attacker gains knowledge of sensitive exchanged
data
Disclosure of identities and cryptographic materialThreat 9: Modification of Data Stored in
the M2M Service Capabilities
Alteration of the return value upon service
invocation
Attacker alters leaf-device content so that a user
will eventually be redirected to a malicious content
Attacker alter sensor device so that monitoring of a
Physical Entity failsThreat 10: Provisioning of non-Legitimate
Keys
Disruption of a global ServiceThreat 11: Unauthorised or Corrupted
Application and Service-Layer Software in
M2M
Attacker impersonates infrastructure Services,
compromising IoT functionalities and/or other
dependent infrastructure servicesThreat 12: Subverting the M2M
Device/Gateway Integrity-Checking
Procedures
Alteration of the invocation of a ServiceThreat 13: Unauthorised or Corrupted
Software in M2M Core
Attacker impersonates infrastructure Services,
compromising IoT functionalities and/or other
dependent infrastructure servicesThreat 14: Subverting the Integrity-
Checking Procedures in the M2M Core
Alteration of the invocation of a ServiceThreat 15: General Eavesdropping on
M2M Service-Layer Messaging Between
Entities
Attacker gains knowledge of sensitive exchanged
dataThreat 16: Alteration of M2M Service-
Layer Messaging Between Entities
Alteration of the invocation of a ServiceThreat 17: Replay of M2M Service-Layer
Messaging Between Entities
Compromised intermediary devices alter traversing
data
Alteration of the invocation of a ServiceThreat 18: Breach of Privacy due to Inter-
Application Communications
User is involved in transactions with a malicious
peer
Attacker gains knowledge of user private