Organization: AT&T
Reference: The CEO's Guide to Securing the Internet of Things
Published on: 2016
The document provides a strategic framework for securing the IoT, crafted from the work AT&T is doing with customers across many industries — as well as with their own IoT deployments.
Organization: Open Web Application Security Project (OWASP)
Reference: Principles of IoT Security
Published on: 14 May 2016
16 high-level principles of IoT security.
Organization: Platform Industrie 4.0
Reference: Technical Overview: Secure Identities
Published on: April 2016 The aim of this paper is to provide an overview of the security challenges, requirements and approaches for secure identities in Industrie 4.0 environments. This document outlines the additional efforts that will be necessary to ensure the use of sufficiently secure identity features for Industrie 4.0. This document is directed at decision-makers and users in the Industrie 4.0 context. Examples of the framework conditions to be complied with, secure identities, guiding principles, and knowledge and insights that have been gained regarding security are outlined here for this...
Organization: Platform Industrie 4.0
Reference: IT Security in Industrie 4.0
Published on: April 2016
The essential prerequisite for a successful implementation of Industrie 4.0 is a secure and trustworthy treatment of data and a reliable protection of inter-company communication from external attacks. The guideline gives an insight into the subject.
Organization: Platform Industrie 4.0
Reference: Reference Architectural Model Industrie 4.0 (RAMI4.0)
Published on: April 2016 RAMI 4.0 is a three-dimensional map showing how to approach the issue of Industrie 4.0 in a structured manner. RAMI 4.0 ensures that all participants involved in Industrie 4.0 discussions understand each other. It combines all elements and IT components in a layer and life cycle model and breaks down complex processes into easy-to-grasp packages, including data privacy and IT security.
Organization: I Am The Cavalry
Reference: Hippocratic Oath for Connected Medical Devices
Published on: 19 January 2016
High-level principles for connected medical devices.
Organization: European Union Agency for Network and Information Security (ENISA)
Reference: Cyber Security and Resilience of Intelligent Public Transport. Good practices and recommendations
Published on: 25 December 2015
This study aims at securing Smart Home Environments from cyber threats by highlighting good practices that apply to every step of a product lifecycle: its development, its integration in Smart Home Environments, and its usage and maintenance until end-of-life. The study also highlights the applicability of the security measures to different types of devices. The good practices apply to manufacturers, vendors, solution providers for hardware and software, and developers.
Organization: European Union Agency for Network and Information Security (ENISA)
Reference: Security and Resilience of Smart Home Environments
Published on: 1 December 2015
This study aims at securing Smart Home Environments from cyber threats by highlighting good practices that apply to every step of a product lifecycle: its development, its integration in Smart Home Environments, and its usage and maintenance until end-of-life. The study also highlights the applicability of the security measures to different types of devices. The good practices apply to manufacturers, vendors, solution providers for hardware and software, and developers.
Organization: Cloud Security Alliance (CSA)
Reference: Identity and Access Management for the Internet of Things
Published on: 30 September 2015
To help security practitioners ensure the integrity of their IoT deployments, the report details 23 recommendations for implementing IAM for IoT which are drawn from real-world best practices culled by CSA’s IoT Working Group along with guidance from a number of other organizations including the Kantara Initiative, FIDO, and the IETF. Some of these recommendations include:
Integrate your IoT implementation into existing IAM and GRC governance frameworks in your organization.
Do not deploy IoT resources without changing default passwords for administrative access.
Evaluate a move...
Organization: IoT Security Foundation (IoTSF)
Reference: Establishing Principles for Internet of Things Security
Published on: 22 September 2015
High-level IoT security principles (16-pages)
Organization: Symantec
Reference: Security Reference Architecture for the Internet of Things (IoT)
Published on: 17 September 2015
This paper describes a powerful and easy-to-deploy architecture for mitigating the vast majority of security threats to the Internet of Things, including advanced and sophisticated threats. The architecture rests on five fundamental tenets:
Tenet 1: A Strong Trust Model for IoT
Tenet 2: Protecting the Code that Drives IoT
Tenet 3: Safely and Effectively Managing IoT
Tenet 4: Effective Host-Based Protection for IoT
Tenet 5: Security Analytics to Address Threats Beyond the Above Countermeasures
Organization: The Institute of Electrical and Electronics Engineers (IEEE)
Reference: 2413 Standard for an Architectural Framework for the Internet of Things (IoT) (Draft)
Published on: 3 September 2015 (Draft - Work in Progress) This standard defines an architectural framework for the Internet of Things (IoT), including descriptions of various IoT domains, definitions of IoT domain abstractions, and identification of commonalities between different IoT domains. The architectural framework for IoT provides a reference model that defines relationships among various IoT verticals (e.g., transportation, healthcare, etc.) and common architecture elements. It also provides a blueprint for data abstraction and the quality "quadruple"...
Organization: Cloud Security Alliance (CSA)
Reference: Security Guidance for Early Adopters of the Internet of Things (IoT)
Published on: 16 April 2015
Guidance for the secure implementation of Internet of Things (IoT)-based systems.
Organization: I Am The Cavalry
Reference: Five Star Automotive Cyber Safety Program
Published on: 15 February 2015
High-level principles for the automotive industry cyber safety.
Organization: Federal Trade Commission (FTC)
Reference: Careful Connections – Building Security in the Internet of Things
Published on: 27 January 2015
Advice for businesses about building security into products connected to the Internet of Things, including proper authentication, reasonable security measures, and carefully considered default settings.