BYOT-CPS: A Hybrid Cyber-Physical Systems Testbed for IoT Security Assessment and Platform Evaluation

Computer Science > Cryptography and Security [Submitted on 21 May 2026] BYOT-CPS: A Hybrid Cyber-Physical Systems Testbed for IoT Security Assessment and Platform Evaluation Yan Lin Aung, Nelson Che Neba Internet of Things (IoT) security research continues to face a methodological gap between scalable virtual experimentation and realistic device behaviour. While pure simulation and emulation platforms provide control, repeatability, and scale, they do not fully reproduce firmware-specific behaviours, hardware characteristics, and vendor implementation weaknesses that frequently determine real-world exploitability. Conversely, physicalonly testbeds provide realism but are costly to assemble, difficult to reconfigure, and hard to replicate across institutions. This paper presents Build Your Own Cyber-Physical Systems Testbed (BYOT-CPS), a hybrid cyber-physical testbed that connects real IoT devices to virtualised network infrastructure built on GNS3. BYOT-CPS is designed to support security experimentation, education, and independent evaluation of commercial IoT security platforms within a controlled environment that preserves authentic device behaviour. Six requirements for such a testbed are defined: fidelity, heterogeneity, scalability, reproducibility, extensibility, and independence. A prototype deployment integrating smart bulbs, smart plugs, switches, and IP cameras with virtual enterprise, server, attack, and monitoring zones is used to demonstrate hybrid connectivity, penetration testing workflows, a Mirai-style denial-of-service attack, traffic monitoring, and controlled device manipulation. The evidence presented constitutes a feasibility validation of the framework rather than a largescale comparative benchmark. Within that scope, BYOT-CPS offers a practical middle ground between emulation-only research environments and costly physical laboratories while positioning vendor-neutral platform evaluation as a forward-looking design objective. Subjects: Cryptography and Security (cs.CR) Cite as: arXiv:2605.23059 [cs.CR]   (or arXiv:2605.23059v1 [cs.CR] for this version)   https://doi.org/10.48550/arXiv.2605.23059 Focus to learn more Submission history From: Yan Lin Aung [view email] [v1] Thu, 21 May 2026 21:49:14 UTC (630 KB) Access Paper: HTML (experimental) view license Current browse context: cs.CR < prev   |   next > new | recent | 2026-05 Change to browse by: cs References & Citations NASA ADS Google Scholar Semantic Scholar Export BibTeX Citation Bookmark Bibliographic Tools Bibliographic and Citation Tools Bibliographic Explorer Toggle Bibliographic Explorer (What is the Explorer?) Connected Papers Toggle Connected Papers (What is Connected Papers?) Litmaps Toggle Litmaps (What is Litmaps?) scite.ai Toggle scite Smart Citations (What are Smart Citations?) Code, Data, Media Demos Related Papers About arXivLabs Which authors of this paper are endorsers? | Disable MathJax (What is MathJax?)