This repository contains the source code for MUDThread, a new security extension to OpenThread. Integrating Manufacturer Usage Description into OpenThread restricts the potential network capabilities of a device running OpenThread. By creating an online available MUD File, MUDThread can create and enforce a local firewall policy for this device.
This repository contains two individual systems:
ot-br-posixcontains a modified version of the OpenThread Border Router repository used to run a border router on a Raspberry Pi 4B.openthreadcontains a modified version of the OpenThread repository used to run end devices on Nordic nRF5340 Development Kits.
The OpenThread Border Router is extended with a MUD Manager to download and parse MUD files communicated from end-devices to border routers. This MUD Manager creates an executable script that contains consice ip6tables commands to secure a device from unwanted network traffic.
OpenThread does not contain any MUD processing, and is only extended with a MUD URL (pointing to the MUD File online). This MUD URL is, when enabled, sent to all routers in the Thread network.
This folder contains again two subfolders:
cliis a demo program used to create a command-line interface on a Nordic nRF5340DK System-On-Chip (SOC).srccontains the modified OpenThread Repo taken from the Nordic Connect SDK.
The following image shows an overview of all components of MUDThread in action.
