Organization: National Institute of Standards and Technology, U.S. Department of Commerce (NIST)
Reference: Systems Security Engineering – NIST SP 800-160
Published on: November 2016
NIST issued the final draft of the new guidance Special Publication 800-160 “Systems Security Engineering – Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems”. The guidelines is intended to help determine the security of IoT devices and assign a level of trustworthiness to each.
From the publication Abstract:
With the continuing frequency, intensity, and adverse consequences of cyber-attacks, disruptions, hazards, and other threats to federal, state, and local governments, the military, businesses, and the critical...
Organization: Cloud Security Alliance (CSA)
Reference: Future Proofing the Connected World – 13 Steps to Developing Secure IoT Products
Published on: 7 October 2016
80-page guidance on development of secure IoT products released by the IoT Working Group of CSA.
Organization: Alliance for Internet of Things Innovation (AIOTI)
Reference: High Level Architecture Functional Model Release 2.1
Published on: September 2016
AIOTI WG3 has developed a High Level Architecture (HLA) for IoT. This document provides an initial proposal for a high-level IoT architecture. This document:
Introduces the use of ISO/IEC/IEEE 42010 by AIOTI WG3
Presents a Domain Model and discusses the “thing” in IoT
Presents a Functional Model
Links this work with the AIOTI WG3 Semantic Interoperability work and the SDO Landscape work
Organization: International Organization for Standardization (ISO)
Reference: CD 30141 Internet of Things Reference Architecture (IoT RA) (Committee Draft)
Published on: 10 September 2016 This document provides a standardized IoT reference architecture using a common vocabulary, reusable designs and industry best practices. It uses a top down approach, beginning with collecting the most important characteristics of IoT, abstracting those into a generic IoT conceptual model, deriving from the conceptual model to a high level system based reference model and then breaking down from reference model to the five architecture views (functional view, system view, user view, information view and communication view)...
Organization: National Institute of Standards and Technology (NIST)
Reference: SP800-183 Network of 'Things'
Published on: July 2016
SP 800-183 offers an underlying and foundational understanding of the Internet of Things (IoT) based on the realization that IoT involves sensing, computing, communication, and actuation. The material presented here is generic to all distributed systems that employ IoT technologies (i.e., ‘things’ and networks). By having an understanding as to what IoT represents, building IoT-based systems and researching security and reliability concerns of IoT can be accelerated. SP 800-183 is targeted at computer scientists, IT managers, networking specialists, and networking and cloud computing software...
Organization: Platform Industrie 4.0
Reference: Reference Architectural Model Industrie 4.0 (RAMI4.0)
Published on: April 2016 RAMI 4.0 is a three-dimensional map showing how to approach the issue of Industrie 4.0 in a structured manner. RAMI 4.0 ensures that all participants involved in Industrie 4.0 discussions understand each other. It combines all elements and IT components in a layer and life cycle model and breaks down complex processes into easy-to-grasp packages, including data privacy and IT security.
Organization: Symantec
Reference: Security Reference Architecture for the Internet of Things (IoT)
Published on: 17 September 2015
This paper describes a powerful and easy-to-deploy architecture for mitigating the vast majority of security threats to the Internet of Things, including advanced and sophisticated threats. The architecture rests on five fundamental tenets:
Tenet 1: A Strong Trust Model for IoT
Tenet 2: Protecting the Code that Drives IoT
Tenet 3: Safely and Effectively Managing IoT
Tenet 4: Effective Host-Based Protection for IoT
Tenet 5: Security Analytics to Address Threats Beyond the Above Countermeasures
Organization: The Institute of Electrical and Electronics Engineers (IEEE)
Reference: 2413 Standard for an Architectural Framework for the Internet of Things (IoT) (Draft)
Published on: 3 September 2015 (Draft - Work in Progress) This standard defines an architectural framework for the Internet of Things (IoT), including descriptions of various IoT domains, definitions of IoT domain abstractions, and identification of commonalities between different IoT domains. The architectural framework for IoT provides a reference model that defines relationships among various IoT verticals (e.g., transportation, healthcare, etc.) and common architecture elements. It also provides a blueprint for data abstraction and the quality "quadruple"...
Organization: Cloud Security Alliance (CSA)
Reference: Security Guidance for Early Adopters of the Internet of Things (IoT)
Published on: 16 April 2015
Guidance for the secure implementation of Internet of Things (IoT)-based systems.
Organization: Federal Trade Commission (FTC)
Reference: Careful Connections – Building Security in the Internet of Things
Published on: 27 January 2015
Advice for businesses about building security into products connected to the Internet of Things, including proper authentication, reasonable security measures, and carefully considered default settings.
Organization: NCC Group
Reference: Security of Things: An Implementers Guide to Cyber Security for Internet of Things devices and beyond
Published on: 8 April 2014
The paper takes the reader through a typical IoT product development life-cycle and associated business discussions highlighting the security and privacy impacting areas and decisions that should be considered, why they should be and the potential ramifications if not. In addition for those less experienced in secure hardware and software development lifecycles we also provide a matter of fact look at some of the challenges along the way. At a high-level the paper covers in its 35...
Organization: Internet of Things - Architecture
Reference: Architectural Reference Model for the IoT v3.0
Published on: 15 July 2013
IoT-A, the European Lighthouse Integrated Project created the proposed architectural reference model together with the definition of an initial set of key building blocks. Together they are envisioned as foundations for fostering the emerging Internet of Things. Using an experimental paradigm, IoT-A combined top-down reasoning about architectural principles and design guidelines with simulation and prototyping in exploring the technical consequences of architectural design choices.