Organization: European Union Agency for Network and Information Security (ENISA)
Reference: Baseline Security Recommendations for IoT
Published on: 20 November 2017
The study which is titled ‘Baseline Security Recommendations for Internet of Things in the context of critical information infrastructures’, aims to set the scene for IoT security in Europe. It serves as a reference point in this field and as a foundation for relevant forthcoming initiatives and developments.
Organization: Broadband Internet Technical Advisory Group (BITAG)
Reference: Internet of Things (IoT) Security and Privacy Recommendations
Published on: 22 November 2016
Report on the technical aspects of Internet of Things (IoT) security and privacy outlining a number of observations and recommendations.
Organization: IoT Security Foundation (IoTSF)
Reference: IoT Security Compliance Framework
Published on: 6 December 2016
The framework provides a comprehensive and practical checklist to guide organisations through a security assuring process. It offers a methodical approach to determining an organisation’s unique security posture for both business processes and technical requirements. The framework is intended to be used by key staff such as senior management, technical, manufacturing and logistics from producer companies, yet it could also be used by purchasers to assess suppliers. The framework is designed to be generally applicable and extendable with release 1.0 targeted at the consumer product category. Follow-on...
Organization: I Am The Cavalry
Reference: Five Star Automotive Cyber Safety Program
Published on: 15 February 2015
High-level principles for the automotive industry cyber safety.
Organization: Automotive Information Sharing and Analysis Center (Auto-ISAC)
Reference: Automotive Cybersecurity Best Practices
Published on: 21 July 2016
The Best Practices cover organizational and technical aspects of vehicle cybersecurity, including governance, risk management, security by design, threat detection, incident response, training, and collaboration with appropriate third parties.
Organization: IoT Alliance Australia (IoTAA)
Reference: Internet of Things Security Guideline V1.2
Published on: November 2017
The purpose of the Internet of Things Security Guideline is to provide comprehensive, top-level guidance to:
promote a ‘security by design’ approach to IoT;
assist industry to understand the practical application of security and privacy for IoT device use;
be utilised by the IoT industry and digital service providers which use or provide support services for IoT deployments; and
assist industry to understand some of the relevant legislation around privacy and security.
Organization: European Union Agency for Network and Information Security (ENISA)
Reference: Cyber security and resilience for Smart Hospitals
Published on: 24 November 2016
This study proposes key recommendations for hospital information security executives and industry to enhance the level of information security in Smart Hospitals. Through the identification of assets and the related threats when IoT components are supporting a healthcare organisation the report described the Smart Hospital ecosystem and its specific objectives. Based on the analysis of documents and empirical data, and the detailed examination of attack scenarios found to be particularly relevant for smart hospitals, this document identifies mitigation techniques...
Organization: IoT Security Foundation (IoTSF)
Reference: Best Practice Guidelines for Connected Consumer Products
Published on: 6 December 2016
The Connected Consumer Products best practice guide provides clear advice for firms that are bringing IoT class products to market. The guidelines cover the most important security elements to consider when designing a product such as application security, encryption, network connections and software updates. The guidelines take a practical approach and provide a comprehensive overview of the subject matter with additional in-depth materials supplied online.
Organization: Cloud Security Alliance (CSA)
Reference: Security Guidance for Early Adopters of the Internet of Things (IoT)
Published on: 16 April 2015
Guidance for the secure implementation of Internet of Things (IoT)-based systems.
Organization: Z-Wave
Reference: S2 Security Framework
Published on: August 2016
Introduction into the new Security 2 (S2) framework for smart home devices and controllers, gateways and hubs.
Organization: GSMA
Reference: IoT Security Guidelines
Published on: Latest Update on 31 October 2017 V2.0. Published on 9 February 2016
IoT Security Guidelines is a comprehensive set of best practices promoting the secure end-to-end design, development and deployment of IoT solutions. Aimed for mobile service providers who are looking to develop new IoT products and services. Target audience: IoT Service Providers, IoT Device Manufacturers, IoT Developers, Mobile Network Operators. GSMA provides a set of documents which includes:
IoT Security Guidelines for Service Ecosystem
IoT Security Guidelines for Endpoint Ecosystem
IoT Security Guidelines for Network Operators
Organization: I Am The Cavalry
Reference: Hippocratic Oath for Connected Medical Devices
Published on: 19 January 2016
High-level principles for connected medical devices.
Organization: IoT Security Foundation (IoTSF)
Reference: Vulnerability Disclosure Best Practice Guidelines
Published on: 6 December 2016
The Connected Consumer Products best practice guide provides clear advice for firms that are bringing IoT class products to market. The guidelines cover the most important security elements to consider when designing a product such as application security, encryption, network connections and software updates. The guidelines take a practical approach and provide a comprehensive overview of the subject matter with additional in-depth materials supplied online.
Organization: The Institute of Electrical and Electronics Engineers (IEEE)
Reference: 2413 Standard for an Architectural Framework for the Internet of Things (IoT) (Draft)
Published on: 3 September 2015 (Draft - Work in Progress) This standard defines an architectural framework for the Internet of Things (IoT), including descriptions of various IoT domains, definitions of IoT domain abstractions, and identification of commonalities between different IoT domains. The architectural framework for IoT provides a reference model that defines relationships among various IoT verticals (e.g., transportation, healthcare, etc.) and common architecture elements. It also provides a blueprint for data abstraction and the quality "quadruple"...
Organization: oneM2M
Reference: Release 2 Specifications Within Release 2 Specifications the Security Technical Report is here
Published on: 30 August 2016
Standard for M2M deployment covering requirements, architecture, API specifications, security solutions and mapping to common industry protocols such as CoAP, MQTT and HTTP.