Skip to main content

Digital Forensic Readiness in IoT - A Risk Assessment Model

  • 389 Accesses

Part of the Communications in Computer and Information Science book series (CCIS,volume 1382)


With the increased adoption of IoT devices they have become an important source of digital evidence, and could be a vital part of investigations both for companies and law enforcement agencies. There are however some present challenges such as identification of devices, what data could be evidence (if the device stores any), and privacy. Because of this, digital forensics readiness is essential in these ecosystems. It is an important part of both risk assessment and preparation for contingencies. The devices, their potential, and procedures in case of an incident or attack, needs to be predetermined. In this paper we suggest a risk assessment model to prepare for forensic analysis in IoT, which we have called Forensics Readiness in IoT Implementation (FRIoTI), to meet the mentioned challenges.


  • IoT
  • Forensics readiness
  • IoT forensics
  • IoT forensics readiness
  • Risk assessment
  • IoT implementation

This is a preview of subscription content, access via your institution.

Buying options

USD   29.95
Price excludes VAT (USA)
  • DOI: 10.1007/978-3-030-71711-7_5
  • Chapter length: 12 pages
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
USD   89.00
Price excludes VAT (USA)
  • ISBN: 978-3-030-71711-7
  • Instant PDF download
  • Readable on all devices
  • Own it forever
  • Exclusive offer for individuals only
  • Tax calculation will be finalised during checkout
Softcover Book
USD   119.99
Price excludes VAT (USA)
Fig. 1.


  1. 1.

    IoT devices that can be accessed by users directly or through a cloud service.

  2. 2.

    IoT devices that can publish data to a cloud service.

  3. 3.

    IoT devices communicating with other IoT devices.

  4. 4.

    An investigation is considered forensically sound if evidence has not been tampered with or destroyed on accident or on purpose.

  5. 5.

    The degree to which evidence has been preserved; unchanged.

  6. 6.

    Documentation on how evidence has been handled and by whom.


  1. Ali, S., Bosche, A., Ford, F.: Cybersecurity is the key to unlocking demand in the internet of things (2018). Accessed 30 Oct 2019

  2. Årnes, A.: Digital Forensics. Wiley, New York (2017)

    Google Scholar 

  3. Bosche, A., Crawford, D., Jackson, D., Schallehn, M., Schorling, C.: Unlocking opportunities in the internet of things (2018). Accessed 29 Oct 2019

  4. Braun, A.: History of IoT: a timeline of development (2019). Accessed 18 Oct 2019

  5. Chung, H., Park, J., Lee, S.: Digital forensic approaches for amazon Alexa ecosystem. Digital Invest. 22, S15–S25 (2017)

    CrossRef  Google Scholar 

  6. Conti, M., Dehghantanha, A., Franke, K., Watson, S.: Internet of things security and forensics: challenges and opportunities (2018)

    Google Scholar 

  7. Dehghantanha, A., Franke, K.: Privacy-respecting digital investigation. In: 2014 Twelfth Annual International Conference on Privacy, Security and Trust, pp. 129–138. IEEE (2014)

    Google Scholar 

  8. Hossain, M., Karim, Y., Hasan, R.: FIF-IoT: a forensic investigation framework for iot using a public digital ledger. In: 2018 IEEE International Congress on Internet of Things (ICIOT), pp. 33–40. IEEE (2018)

    Google Scholar 

  9. HQSoftware: The history of IoT: a comprehensive timeline of major events, infographic (2018). Accessed 18 Oct 2019

  10. ISO: ISO/IEC 10118–2:2010 information technology - security techniques - hash-functions - part 2: Hash-functions using an n-bit block cipher (2010). Accessed 06 Nov 2019

  11. ISO: ISO/IEC 27043:2015 information technology - security techniques - incident investigation principles and processes (2015). Accessed 09 Oct 2019

  12. Jordaan, J.: The GDPR and DFIR (2017). Accessed 05 Apr 2020

  13. Kebande, V.R., Ray, I.: A generic digital forensic investigation framework for internet of things (IoT). In: 2016 IEEE 4th International Conference on Future Internet of Things and Cloud (FiCloud), pp. 356–362. IEEE (2016)

    Google Scholar 

  14. Kowalski, S.: It Insecurity: a multi-disciplinary inquiry (1996)

    Google Scholar 

  15. Meffert, C., Clark, D., Baggili, I., Breitinger, F.: Forensic state acquisition from internet of things (FSAIoT): a general framework and practical approach for IoT forensics through IoT device state acquisition. In: Proceedings of the 12th International Conference on Availability, Reliability and Security, p. 56. ACM (2017)

    Google Scholar 

  16. Oriwoh, E., Sant, P.: The forensics edge management system: a concept and design. In: IEEE 10th International Conference on Ubiquitous Intelligence and Computing and IEEE 10th International Conference on Autonomic and Trusted Computing, pp. 544–550. IEEE (2013)

    Google Scholar 

  17. Ruan, K., Carthy, J., Kechadi, T., Crosbie, M.: Cloud forensics. In: Peterson, G., Shenoi, S. (eds.) DigitalForensics 2011. IAICT, vol. 361, pp. 35–46. Springer, Heidelberg (2011).

    CrossRef  Google Scholar 

  18. Statista: Internet of things - number of connected devices worldwide 2015–2025 (2019). Accessed 30 Oct 2019

  19. Whitman, M.E., Mattord, H.J.: Management of Information Security. Nelson Education, Toronto (2018)

    Google Scholar 

Download references

Author information

Authors and Affiliations


Corresponding author

Correspondence to Alexander D. Forfot .

Editor information

Editors and Affiliations

Rights and permissions

Reprints and Permissions

Copyright information

© 2021 Springer Nature Switzerland AG

About this paper

Verify currency and authenticity via CrossMark

Cite this paper

Forfot, A.D., Østby, G. (2021). Digital Forensic Readiness in IoT - A Risk Assessment Model. In: Yildirim Yayilgan, S., Bajwa, I.S., Sanfilippo, F. (eds) Intelligent Technologies and Applications. INTAP 2020. Communications in Computer and Information Science, vol 1382. Springer, Cham.

Download citation

  • DOI:

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-030-71710-0

  • Online ISBN: 978-3-030-71711-7

  • eBook Packages: Computer ScienceComputer Science (R0)