This paper presents a comprehensive survey of security analysis techniques for Internet of Things (IoT) device firmware, emphasizing reverse engineering methodologies. The study investigates the evaluation of critical security properties like encryption protocols, secure data storage, authentication mechanisms, and unauthorized access prevention. Additionally, interoperability, firmware update mechanisms, and adherence to industry standards are examined. The analysis includes the Federal Communications Commission's (FCC) voluntary IoT labeling program and its alignment with National Institute of Standards and Technology (NIST) Special Publication (SP) 800-53 Security and Privacy Controls for Federal Information Systems and Organizations (NISTIR 8425) security criteria. The survey explores various technical approaches for IoT device security assessment, including emulator-based testing, automated code analysis, network fuzzing, manual reverse engineering, and system-level exploration. These methodologies are discussed in the context of their application to firmware analysis, firmware acquisition, decryption, hardware disassembly, chip analysis, and chip-level reverse engineering. The research findings highlight the importance of combining these techniques for a comprehensive understanding of an IoT device's security posture. The study emphasizes the need for adherence to security standards, regulatory requirements, and certification processes as outlined in NISTIR 8425 and integrated within the FCC's labeling program. Robust security measures, transparent data practices, interoperability considerations, and effective lifecycle management are crucial for ensuring secure, functional, and trustworthy IoT devices.