In Specs We Trust? Conformance-Analysis of Implementation to Specifications in Node-RED and Associated Security Risks

Simon Schneider; Komal Kashish; Katja Tuma; Riccardo Scandariato

doi:10.1007/978-3-032-00624-0_14

In Specs We Trust? Conformance-Analysis of Implementation to Specifications in Node-RED and Associated Security Risks

Simon Schneider (Corresponding author), Komal Kashish, Katja Tuma, Riccardo Scandariato

Social Software Engineering

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

Abstract

Low-code development frameworks for IoT platforms offer a simple drag-and-drop mechanism to create applications for the billions of existing IoT devices without the need for extensive programming knowledge. The security of such software is crucial given the close integration of IoT devices in many highly sensitive areas such as healthcare or home automation. Node-RED is a framework to build applications from nodes that are contributed by open-source developers. Its reliance on unvetted contributions and lack of security checks raises the concern that the applications could be vulnerable to attacks, thereby posing a security risk to end users. The low-code approach could imply that users lack the technical knowledge to mitigate or even realize such security concerns. This paper focuses on hidden information flows in Node-RED nodes, meaning flows that are not captured by the specifications. They could (unknowingly or with malicious intent) cause leaks of sensitive information to unauthorized entities. We report the results of a conformance analysis of all nodes in the Node-RED framework, for which we compared the numbers of specified inputs and outputs of each node against the number of sources and sinks detected with CodeQL. The results show, that 55% of all nodes exhibit more possible flows than are specified. A risk assessment of a subset of the nodes showed, that 28% of them are associated with a high severity and 36% with a medium severity rating.

Original language	English
Title of host publication	Availability, Reliability and Security
Subtitle of host publication	20th International Conference, ARES 2025, Ghent, Belgium, August 11–14, 2025, Proceedings
Editors	Mila Dalla Preda, Sebastian Schrittwieser, Vincent Naessens, Bjorn De Sutter
Place of Publication	Cham
Publisher	Springer
Pages	278-300
Number of pages	23
Volume	1
ISBN (Electronic)	978-3-032-00624-0
ISBN (Print)	978-3-032-00623-3
DOIs	https://doi.org/10.1007/978-3-032-00624-0_14
Publication status	Published - 10 Aug 2025
Event	20th International Conference on Availability, Reliability and Security, ARES 2025 - Ghent, Belgium Duration: 11 Aug 2025 → 14 Aug 2025

Publication series

Name	Lecture Notes in Computer Science (LNCS)
Volume	15992
ISSN (Print)	0302-9743
ISSN (Electronic)	1611-3349

Conference

Conference	20th International Conference on Availability, Reliability and Security, ARES 2025
Country/Territory	Belgium
City	Ghent
Period	11/08/25 → 14/08/25

Keywords

IoT
Node-RED
conformance analysis
information flow analysis
low-code
security

Access to Document

10.1007/978-3-032-00624-0_14

Cite this

Schneider, S., Kashish, K., Tuma, K., & Scandariato, R. (2025). In Specs We Trust? Conformance-Analysis of Implementation to Specifications in Node-RED and Associated Security Risks. In M. Dalla Preda, S. Schrittwieser, V. Naessens, & B. De Sutter (Eds.), Availability, Reliability and Security: 20th International Conference, ARES 2025, Ghent, Belgium, August 11–14, 2025, Proceedings (Vol. 1, pp. 278-300). (Lecture Notes in Computer Science (LNCS); Vol. 15992). Springer. https://doi.org/10.1007/978-3-032-00624-0_14

Schneider, Simon ; Kashish, Komal ; Tuma, Katja et al. / In Specs We Trust? Conformance-Analysis of Implementation to Specifications in Node-RED and Associated Security Risks. Availability, Reliability and Security: 20th International Conference, ARES 2025, Ghent, Belgium, August 11–14, 2025, Proceedings. editor / Mila Dalla Preda ; Sebastian Schrittwieser ; Vincent Naessens ; Bjorn De Sutter. Vol. 1 Cham : Springer, 2025. pp. 278-300 (Lecture Notes in Computer Science (LNCS)).

@inproceedings{d28fe97b5637465eb2890077a12634e9,

title = "In Specs We Trust? Conformance-Analysis of Implementation to Specifications in Node-RED and Associated Security Risks",

abstract = "Low-code development frameworks for IoT platforms offer a simple drag-and-drop mechanism to create applications for the billions of existing IoT devices without the need for extensive programming knowledge. The security of such software is crucial given the close integration of IoT devices in many highly sensitive areas such as healthcare or home automation. Node-RED is a framework to build applications from nodes that are contributed by open-source developers. Its reliance on unvetted contributions and lack of security checks raises the concern that the applications could be vulnerable to attacks, thereby posing a security risk to end users. The low-code approach could imply that users lack the technical knowledge to mitigate or even realize such security concerns. This paper focuses on hidden information flows in Node-RED nodes, meaning flows that are not captured by the specifications. They could (unknowingly or with malicious intent) cause leaks of sensitive information to unauthorized entities. We report the results of a conformance analysis of all nodes in the Node-RED framework, for which we compared the numbers of specified inputs and outputs of each node against the number of sources and sinks detected with CodeQL. The results show, that 55\% of all nodes exhibit more possible flows than are specified. A risk assessment of a subset of the nodes showed, that 28\% of them are associated with a high severity and 36\% with a medium severity rating.",

keywords = "IoT, Node-RED, conformance analysis, information flow analysis, low-code, security",

author = "Simon Schneider and Komal Kashish and Katja Tuma and Riccardo Scandariato",

year = "2025",

month = aug,

day = "10",

doi = "10.1007/978-3-032-00624-0\_14",

language = "English",

isbn = "978-3-032-00623-3",

volume = "1",

series = "Lecture Notes in Computer Science (LNCS)",

publisher = "Springer",

pages = "278--300",

editor = "\{Dalla Preda\}, Mila and Sebastian Schrittwieser and Vincent Naessens and \{De Sutter\}, Bjorn",

booktitle = "Availability, Reliability and Security",

address = "Germany",

note = "20th International Conference on Availability, Reliability and Security, ARES 2025 ; Conference date: 11-08-2025 Through 14-08-2025",

}

Schneider, S, Kashish, K, Tuma, K & Scandariato, R 2025, In Specs We Trust? Conformance-Analysis of Implementation to Specifications in Node-RED and Associated Security Risks. in M Dalla Preda, S Schrittwieser, V Naessens & B De Sutter (eds), Availability, Reliability and Security: 20th International Conference, ARES 2025, Ghent, Belgium, August 11–14, 2025, Proceedings. vol. 1, Lecture Notes in Computer Science (LNCS), vol. 15992, Springer, Cham, pp. 278-300, 20th International Conference on Availability, Reliability and Security, ARES 2025, Ghent, Belgium, 11/08/25. https://doi.org/10.1007/978-3-032-00624-0_14

In Specs We Trust? Conformance-Analysis of Implementation to Specifications in Node-RED and Associated Security Risks. / Schneider, Simon (Corresponding author); Kashish, Komal; Tuma, Katja et al.
Availability, Reliability and Security: 20th International Conference, ARES 2025, Ghent, Belgium, August 11–14, 2025, Proceedings. ed. / Mila Dalla Preda; Sebastian Schrittwieser; Vincent Naessens; Bjorn De Sutter. Vol. 1 Cham: Springer, 2025. p. 278-300 (Lecture Notes in Computer Science (LNCS); Vol. 15992).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution › Academic › peer-review

TY - GEN

T1 - In Specs We Trust? Conformance-Analysis of Implementation to Specifications in Node-RED and Associated Security Risks

AU - Schneider, Simon

AU - Kashish, Komal

AU - Tuma, Katja

AU - Scandariato, Riccardo

PY - 2025/8/10

Y1 - 2025/8/10

N2 - Low-code development frameworks for IoT platforms offer a simple drag-and-drop mechanism to create applications for the billions of existing IoT devices without the need for extensive programming knowledge. The security of such software is crucial given the close integration of IoT devices in many highly sensitive areas such as healthcare or home automation. Node-RED is a framework to build applications from nodes that are contributed by open-source developers. Its reliance on unvetted contributions and lack of security checks raises the concern that the applications could be vulnerable to attacks, thereby posing a security risk to end users. The low-code approach could imply that users lack the technical knowledge to mitigate or even realize such security concerns. This paper focuses on hidden information flows in Node-RED nodes, meaning flows that are not captured by the specifications. They could (unknowingly or with malicious intent) cause leaks of sensitive information to unauthorized entities. We report the results of a conformance analysis of all nodes in the Node-RED framework, for which we compared the numbers of specified inputs and outputs of each node against the number of sources and sinks detected with CodeQL. The results show, that 55% of all nodes exhibit more possible flows than are specified. A risk assessment of a subset of the nodes showed, that 28% of them are associated with a high severity and 36% with a medium severity rating.

AB - Low-code development frameworks for IoT platforms offer a simple drag-and-drop mechanism to create applications for the billions of existing IoT devices without the need for extensive programming knowledge. The security of such software is crucial given the close integration of IoT devices in many highly sensitive areas such as healthcare or home automation. Node-RED is a framework to build applications from nodes that are contributed by open-source developers. Its reliance on unvetted contributions and lack of security checks raises the concern that the applications could be vulnerable to attacks, thereby posing a security risk to end users. The low-code approach could imply that users lack the technical knowledge to mitigate or even realize such security concerns. This paper focuses on hidden information flows in Node-RED nodes, meaning flows that are not captured by the specifications. They could (unknowingly or with malicious intent) cause leaks of sensitive information to unauthorized entities. We report the results of a conformance analysis of all nodes in the Node-RED framework, for which we compared the numbers of specified inputs and outputs of each node against the number of sources and sinks detected with CodeQL. The results show, that 55% of all nodes exhibit more possible flows than are specified. A risk assessment of a subset of the nodes showed, that 28% of them are associated with a high severity and 36% with a medium severity rating.

KW - IoT

KW - Node-RED

KW - conformance analysis

KW - information flow analysis

KW - low-code

KW - security

UR - https://www.scopus.com/pages/publications/105013742051

U2 - 10.1007/978-3-032-00624-0_14

DO - 10.1007/978-3-032-00624-0_14

M3 - Conference contribution

SN - 978-3-032-00623-3

VL - 1

T3 - Lecture Notes in Computer Science (LNCS)

SP - 278

EP - 300

BT - Availability, Reliability and Security

A2 - Dalla Preda, Mila

A2 - Schrittwieser, Sebastian

A2 - Naessens, Vincent

A2 - De Sutter, Bjorn

PB - Springer

CY - Cham

T2 - 20th International Conference on Availability, Reliability and Security, ARES 2025

Y2 - 11 August 2025 through 14 August 2025

ER -

Schneider S, Kashish K, Tuma K, Scandariato R. In Specs We Trust? Conformance-Analysis of Implementation to Specifications in Node-RED and Associated Security Risks. In Dalla Preda M, Schrittwieser S, Naessens V, De Sutter B, editors, Availability, Reliability and Security: 20th International Conference, ARES 2025, Ghent, Belgium, August 11–14, 2025, Proceedings. Vol. 1. Cham: Springer. 2025. p. 278-300. (Lecture Notes in Computer Science (LNCS)). doi: 10.1007/978-3-032-00624-0_14

In Specs We Trust? Conformance-Analysis of Implementation to Specifications in Node-RED and Associated Security Risks

Abstract

Publication series

Conference

Keywords

Access to Document

Other files and links

Embargoed Document

Fingerprint

Cite this