A Vulnerable-by-Design IoT Sensor Framework for Cybersecurity in Smart Agriculture

Agricultural Internet of Things (IoT) deployments face unique cybersecurity challenges due to resource constraints and direct impact on food production. This paper introduces a vulnerable-by-design, containerized IoT framework simulating both cybersecurity vulnerabilities and sensor health anomalies in agricultural settings. We demonstrate its agricultural relevance through a tomato greenhouse case study where combined DDoS attacks and sensor faults masked critical temperature increases to 43 °C, potentially reducing yields by up to 30%. Our masking analysis revealed counter-intuitive relationships between sensor faults and attack detectability: spike faults enhanced BOLA attack detectability by up to 95.9%, while dropout faults masked command injection attacks by 18.0%. We identified distinctive temporal signatures for each attack type and quantified these relationships through a composite detectability score. Our LSTM-based validation achieved moderate recall (0.5473 average) with significant variation across fault conditions (0.3194–0.8145), while maintaining strong precision (0.8285). The LSTM model performed best with drift fault conditions (0.9749 accuracy), while DDoS attacks were most consistently detectable (avg. score: 0.6886) and resource exhaustion attacks the most difficult (0.3056). These findings challenge conventional approaches that treat sensor health and security as separate domains. Our open-source implementation with systematic dataset generation capabilities addresses reproducibility challenges in agricultural IoT security while demonstrating that integrated health-security monitoring could significantly improve threat detection in smart agriculture deployments.