Organization: AT&T Reference: The CEO's Guide to Securing the Internet of Things Published on: 2016 The document provides a strategic framework for securing the IoT, crafted from the work AT&T is doing with customers across many industries — as well as with their own IoT deployments.
Organization: Open Web Application Security Project (OWASP) Reference: Principles of IoT Security Published on: 14 May 2016 16 high-level principles of IoT security.
Organization: Platform Industrie 4.0 Reference: Technical Overview: Secure Identities Published on: April 2016 The aim of this paper is to provide an overview of the security challenges, requirements and approaches for secure identities in Industrie 4.0 environments. This document outlines the additional efforts that will be necessary to ensure the use of sufficiently secure identity features for Industrie 4.0. This document is directed at decision-makers and users in the Industrie 4.0 context. Examples of the framework conditions to be complied with, secure identities, guiding principles, and knowledge and insights that have been gained regarding security are outlined here for this...
Organization: Platform Industrie 4.0 Reference: IT Security in Industrie 4.0 Published on: April 2016 The essential prerequisite for a successful implementation of Industrie 4.0 is a secure and trustworthy treatment of data and a reliable protection of inter-company communication from external attacks. The guideline gives an insight into the subject.
Organization: Platform Industrie 4.0 Reference: Reference Architectural Model Industrie 4.0 (RAMI4.0) Published on: April 2016 RAMI 4.0 is a three-dimensional map showing how to approach the issue of Industrie 4.0 in a structured manner. RAMI 4.0 ensures that all participants involved in Industrie 4.0 discussions understand each other. It combines all elements and IT components in a layer and life cycle model and breaks down complex processes into easy-to-grasp packages, including data privacy and IT security.
Organization: I Am The Cavalry Reference: Hippocratic Oath for Connected Medical Devices Published on: 19 January 2016 High-level principles for connected medical devices.
Organization: European Union Agency for Network and Information Security (ENISA) Reference: Cyber Security and Resilience of Intelligent Public Transport. Good practices and recommendations Published on: 25 December 2015 This study aims at securing Smart Home Environments from cyber threats by highlighting good practices that apply to every step of a product lifecycle: its development, its integration in Smart Home Environments, and its usage and maintenance until end-of-life. The study also highlights the applicability of the security measures to different types of devices. The good practices apply to manufacturers, vendors, solution providers for hardware and software, and developers.
Organization: European Union Agency for Network and Information Security (ENISA) Reference: Security and Resilience of Smart Home Environments Published on: 1 December 2015 This study aims at securing Smart Home Environments from cyber threats by highlighting good practices that apply to every step of a product lifecycle: its development, its integration in Smart Home Environments, and its usage and maintenance until end-of-life. The study also highlights the applicability of the security measures to different types of devices. The good practices apply to manufacturers, vendors, solution providers for hardware and software, and developers.
Organization: Cloud Security Alliance (CSA) Reference: Identity and Access Management for the Internet of Things Published on: 30 September 2015 To help security practitioners ensure the integrity of their IoT deployments, the report details 23 recommendations for implementing IAM for IoT which are drawn from real-world best practices culled by CSA’s IoT Working Group along with guidance from a number of other organizations including the Kantara Initiative, FIDO, and the IETF. Some of these recommendations include: Integrate your IoT implementation into existing IAM and GRC governance frameworks in your organization. Do not deploy IoT resources without changing default passwords for administrative access. Evaluate a move...
Organization: IoT Security Foundation (IoTSF) Reference: Establishing Principles for Internet of Things Security Published on: 22 September 2015 High-level IoT security principles (16-pages)
Organization: Symantec Reference: Security Reference Architecture for the Internet of Things (IoT) Published on: 17 September 2015 This paper describes a powerful and easy-to-deploy architecture for mitigating the vast majority of security threats to the Internet of Things, including advanced and sophisticated threats. The architecture rests on five fundamental tenets: Tenet 1: A Strong Trust Model for IoT Tenet 2: Protecting the Code that Drives IoT Tenet 3: Safely and Effectively Managing IoT Tenet 4: Effective Host-Based Protection for IoT Tenet 5: Security Analytics to Address Threats Beyond the Above Countermeasures
Organization: The Institute of Electrical and Electronics Engineers (IEEE) Reference: 2413 Standard for an Architectural Framework for the Internet of Things (IoT) (Draft) Published on: 3 September 2015 (Draft - Work in Progress)   This standard defines an architectural framework for the Internet of Things (IoT), including descriptions of various IoT domains, definitions of IoT domain abstractions, and identification of commonalities between different IoT domains. The architectural framework for IoT provides a reference model that defines relationships among various IoT verticals (e.g., transportation, healthcare, etc.) and common architecture elements. It also provides a blueprint for data abstraction and the quality "quadruple"...
Organization: Cloud Security Alliance (CSA) Reference: Security Guidance for Early Adopters of the Internet of Things (IoT) Published on: 16 April 2015 Guidance for the secure implementation of Internet of Things (IoT)-based systems.
Organization: I Am The Cavalry Reference: Five Star Automotive Cyber Safety Program Published on: 15 February 2015 High-level principles for the automotive industry cyber safety.
Organization: Federal Trade Commission (FTC) Reference: Careful Connections – Building Security in the Internet of Things Published on: 27 January 2015 Advice for businesses about building security into products connected to the Internet of Things, including proper authentication, reasonable security measures, and carefully considered default settings.