Security and Privacy in Resource-Constrained Devices

Recent adversarial attacks have been shown IoT devices weaknesses due to their limited computing power. Given also their ubiquitous
presence, lower costs and limitations in keeping security measures up-todate, resource-constrained devices represent a growing risk for the security of IT infrastructure. The scope of the research is to investigate the
weaknesses of resource-constrained IoT devices. The methodology for the
investigation is the legal analysis of existing legal frameworks regulating
IoT cybersecurity and data security; afterwards it will be carried out a
critical evaluation of the existing best practices. This critical analysis
should face the twofold challenge of increasing transparency and trust in
resource-constrained systems. Users and companies are two faces of the
same coin: accountability of data collectors and user awareness are crucial in the security and data protection debate. Thus, a comprehensive
overview of the relevant legal frameworks and guidelines would increase
the understanding of risks of the users, whilst data controllers (especially
of small and medium enterprises) may have an instrument to implement
properly security measures.