In [3]:
import random
import time
from cryptography.fernet import Fernet
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives.kdf.pbkdf2 import PBKDF2HMAC
import base64
import os

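def generate_safe_key(passphrase: str, salt: bytes = b'', iterations: int = 480000) -> bytes:
    """Derive a Fernet-compatible key from a passphrase with PBKDF2-HMAC-SHA256.

    Args:
        passphrase: Secret text known to both the sender and the receiver.
        salt: PBKDF2 salt. Defaults to ``b''`` so existing callers keep
            deriving the same key; see the security note.
        iterations: PBKDF2 iteration count (work factor).

    Returns:
        The 32-byte derived key, URL-safe base64 encoded, which is the key
        format ``Fernet`` accepts.

    Security note:
        With the default empty salt, the same passphrase yields the same key
        on every device and in every deployment, so one guessing effort
        against the passphrase applies to all of them. Outside a lab, pass a
        random salt (for example 16 bytes from ``os.urandom``) that is
        provisioned per device and shared with the receiver, or skip the
        passphrase entirely and provision a random key such as the one
        ``Fernet.generate_key()`` returns.
    """
    kdf = PBKDF2HMAC(
        algorithm=hashes.SHA256(),
        length=32,  # Fernet keys are 32 bytes before base64 encoding
        salt=salt,
        iterations=iterations,
    )
    return base64.urlsafe_b64encode(kdf.derive(passphrase.encode()))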


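# Demo-only secret: the passphrase is hard-coded so the notebook is
# self-contained. Anyone who can read this file can derive the same key, so a
# real device needs its key provisioned, not embedded in source.
PASSPHRASE = "IoT-Security-Lab-05-STIS"
KEY = generate_safe_key(PASSPHRASE)
# One Fernet instance is used by both the sender and the receiver functions,
# which models a pre-shared symmetric key.
cipher_suite = Fernet(KEY)

print("--- System Initialization ---")
# The key is printed for teaching purposes only. Key material must not reach
# logs or saved notebook output in a real system.
print(f"🔑 Shared Secret Key (Fernet Key):\n {KEY.decode()}")
print("-" * 30)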


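def iot_device_send_data():
    """Simulate an IoT sensor that encrypts one reading with the shared key.

    Builds a text reading (Unix timestamp, temperature, humidity) from
    pseudo-random values, encrypts it with the module-level ``cipher_suite``
    and prints both the plaintext and a prefix of the ciphertext.

    Returns:
        bytes: The Fernet token holding the encrypted reading.
    """
    print("--- IoT Device Simulation (Sender) ---")

    # Simulated sensor values. `random` is acceptable here because these
    # numbers are sample data, not secrets.
    temperature = round(random.uniform(25.0, 35.0), 1)
    humidity = random.randint(40, 70)

    plaintext_data = f"Timestamp: {int(time.time())}, Temp: {temperature}°C, Humidity: {humidity}%"
    data_bytes = plaintext_data.encode()

    # Demo only: a real sender would not print the plaintext it is protecting.
    print(f"1. Original Data (Plaintext): {plaintext_data}")

    # Fernet encrypts and authenticates the message; the token also embeds
    # its creation time, which the receiver can use to reject stale tokens.
    encrypted_data = cipher_suite.encrypt(data_bytes)

    # Only the first 60 characters of the token are shown.
    print(f"2. Encrypted Data (Ciphertext): {encrypted_data.decode()[:60]}... (Encrypted)")

    return encrypted_data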


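def server_receive_and_decrypt(encrypted_data, ttl=None):
    """Simulate the receiving server: authenticate and decrypt a Fernet token.

    Args:
        encrypted_data: Fernet token as returned by ``iot_device_send_data``.
        ttl: Optional maximum token age in seconds, passed to
            ``Fernet.decrypt``. The default ``None`` accepts a token of any
            age, so a captured token stays valid indefinitely. Pass a small
            value to bound the replay window; a token accepted inside that
            window can still be replayed unless the receiver also tracks
            what it has already seen.

    Returns:
        tuple: ``(True, plaintext_str)`` on success, ``(False, None)`` when
        the token is rejected or cannot be decoded.
    """
    print("\n--- Server Simulation (Receiver) ---")

    try:
        decrypted_bytes = cipher_suite.decrypt(encrypted_data, ttl=ttl)
        decrypted_data = decrypted_bytes.decode()
    except Exception as e:
        # Kept broad on purpose: callers rely on this function never raising.
        # Fernet signals a bad MAC, wrong key or expired token with
        # InvalidToken, whose message is empty, so the exception class name
        # is printed too.
        print(f"❌ Decryption Error: Authentication failed or invalid key. {type(e).__name__}: {e}")
        return False, None
    else:
        print(f"3. Decrypted Data: {decrypted_data}")
        return True, decrypted_data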


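# End-to-end run: the device encrypts one reading, then the server decrypts it.
ciphertext = iot_device_send_data()

success, final_data = server_receive_and_decrypt(ciphertext)

print("-" * 30)

# `success` only says that Fernet accepted the token. The plaintext is never
# compared with the sender's copy here; the "matches the original" claim
# rests on Fernet's built-in authentication of the ciphertext.
if success:
    print("✅ Success: Secure data transmission verified. Decrypted data matches the original.")
else:
    # On this path nothing was decrypted, so the message says what failed.
    print("❌ Failure: Decryption or authentication of the received token failed.")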


--- System Initialization ---
🔑 Shared Secret Key (Fernet Key):
 m0bxkAReTbGQSecmm-miAfqPNRPiQQB_nGdOXPmhP4o=
------------------------------
--- IoT Device Simulation (Sender) ---
1. Original Data (Plaintext): Timestamp: 1764516060, Temp: 30.8°C, Humidity: 47%
2. Encrypted Data (Ciphertext): gAAAAABpLGDcD52ScOPyB6VAtj33YT00EkCHgLu0YBM7Hmo9h6fQKok-EdTa... (Encrypted)

--- Server Simulation (Receiver) ---
3. Decrypted Data: Timestamp: 1764516060, Temp: 30.8°C, Humidity: 47%
------------------------------
✅ Success: Secure data transmission verified. Decrypted data matches the original.


In [6]:
import time

def log_security_event(stage: int, message: str):
    """Print one log line shaped ``[YYYY-MM-DD HH:MM:SS] [Stage N] message``.

    Args:
        stage: Lifecycle stage number shown in the ``[Stage N]`` field.
        message: Text of the event; printed as given.

    The timestamp is the local wall-clock time at the moment of the call and
    carries no timezone marker.
    """
    now = time.localtime()
    stamp = time.strftime("%Y-%m-%d %H:%M:%S", now)
    line = "[{}] [Stage {}] {}".format(stamp, stage, message)
    print(line)

def simulate_iot_security_lifecycle():
    """Print a scripted walkthrough of five device-security lifecycle stages.

    Every line is a fixed message passed to ``log_security_event``. Nothing is
    actually checked here: no firmware is hashed, no key is injected, no
    update is fetched and no memory is wiped. The output illustrates the
    order of the stages and is not evidence that any control ran.
    """
    print("--- IoT Device Security Lifecycle Simulation ---")

    scripted_events = (
        # Stage 1: threat modelling
        (1, "Threat model created, identifying data tampering and unauthorized access risks."),
        # Stage 2: secure boot
        (2, "Secure boot process started. Firmware hash verified against stored signature."),
        (2, "Secure boot verified, system integrity confirmed."),
        # Stage 3: key injection
        (3, "Secure key injection module initialized."),
        (3, "Keys injected securely: Root key, Communication key (mock values used)."),
        # Stage 4: over-the-air update check
        (4, "OTA firmware update check initiated."),
        (4, "OTA update verified: No new critical update found. System operating with V1.2."),
        # Stage 5: decommissioning
        (5, "Device decommissioning routine triggered."),
        (5, "Sensitive secrets (keys, user data) wiped from non-volatile memory."),
        (5, "Device decommissioned, secrets wiped."),
    )

    for stage_number, text in scripted_events:
        log_security_event(stage_number, text)




# Run the scripted walkthrough; the call only prints log lines.
simulate_iot_security_lifecycle()

--- IoT Device Security Lifecycle Simulation ---
[2025-11-30 15:23:15] [Stage 1] Threat model created, identifying data tampering and unauthorized access risks.
[2025-11-30 15:23:15] [Stage 2] Secure boot process started. Firmware hash verified against stored signature.
[2025-11-30 15:23:15] [Stage 2] Secure boot verified, system integrity confirmed.
[2025-11-30 15:23:15] [Stage 3] Secure key injection module initialized.
[2025-11-30 15:23:15] [Stage 3] Keys injected securely: Root key, Communication key (mock values used).
[2025-11-30 15:23:15] [Stage 4] OTA firmware update check initiated.
[2025-11-30 15:23:15] [Stage 4] OTA update verified: No new critical update found. System operating with V1.2.
[2025-11-30 15:23:15] [Stage 5] Device decommissioning routine triggered.
[2025-11-30 15:23:15] [Stage 5] Sensitive secrets (keys, user data) wiped from non-volatile memory.
[2025-11-30 15:23:15] [Stage 5] Device decommissioned, secrets wiped.
