Internet of things (IoT), which is experiencing rapid growth in recent years, is emerging as a key elementfor continuous growth centered on related telecommunication service providers and manufacturers. Accordingly, 3rd Generation Partnership Project (3GPP) has announced the NarrowBand-IoT (NB-IoT)protocol for mobile communication networks supporting the IoT. In order to increase the battery life dueto the characteristic of IoT, 3GPP has reduced the number of signals that are thought to be unnecessaryfrom the existing LTE (Long Term Evolution). Also some functions to support only the IoT has added.As a result, NB-IoT has become a major communication protocol for IoT. However, omitting too muchof the process has shown vulnerability to fake base station attacks in the wireless section. In addition,there is no security research on NB-IoT yet.In this study, we aimed to analyze NB-IoT protocol vulnerabilities. To analyze NB-IoT control planemessages, we implemented open-source NB-IoT control plane message diagnosis analysis tool, SCAT-NB.And by using SCAT-NB, we did security analysis on two NB-IoT service provider, KR-A and KR-B, andfound vulnerabilities. Finally to verify this vulnerabilities, we developed physical layer of NB-IoT basestation software for Software Defined radio (SDR)