CPNI-Principles-of-cyber-security-for-connected-and-automated-vehicles
Organization: UK Department for Transport, Centre for the Protection of National Infrastructure, and Centre for Connected and Autonomous Reference: Principles of cyber security for connected and automated vehicles Published on: 6 August 2017 As vehicles continue to become smarter, it’s crucial that we take the correct steps to make them cyber secure. The 8 principles in this guidance set out how the automotive sector can make sure cyber security is properly considered at every level, from designers and engineers, through to suppliers and senior level executives. The quick start guide to vehicle cyber security lists the 8 principles: organisational security is owned, governed and...
OTA-–-IoT-Trust-Framework
Organization: Online Trust Alliance (OTA) Reference: OTA – IoT Trust Framework (V2.0) Published on: Latest Update: 4 May 2017 Initially published: 5 January 2017 The IoT Trust Framework includes a set strategic principles to help secure IOT devices and their data when shipped and throughout their entire life-cycle. Through a consensus driven multi-stakeholder process, key principles have been identified for connected home, work and wearable technologies including toys and fitness devices. The Framework outlines mandatory requirements including comprehensive and security patching post warranty.
oneM2M-–-Release-2-Specifications-Security-Technical-Report
Organization: oneM2M Reference: Release 2 Specifications Within Release 2 Specifications the Security Technical Report is here Published on: 30 August 2016 Standard for M2M deployment covering requirements, architecture, API specifications, security solutions and mapping to common industry protocols such as CoAP, MQTT and HTTP.
IoTiap-–-Principles-Practices-and-a-Prescription-for-Responsible-IoT-and-Embedded-Systems-Development
Organization: IoTiap Reference: Principles, Practices and a Prescription for Responsible IoT and Embedded Systems Development Published on: 2 December 2016 This document addresses security challenges related to the Internet of Things (IoT). As a working paper, it outlines ideas and approaches to improve the situation.
ISO-CD-30141-Internet-of-Things-Reference-Architecture
Organization: International Organization for Standardization (ISO) Reference: CD 30141 Internet of Things Reference Architecture (IoT RA) (Committee Draft) Published on: 10 September 2016 This document provides a standardized IoT reference architecture using a common vocabulary, reusable designs and industry best practices. It uses a top down approach, beginning with collecting the most important characteristics of IoT, abstracting those into a generic IoT conceptual model, deriving from the conceptual model to a high level system based reference model and then breaking down from reference model to the five architecture views (functional view, system view, user view, information view and communication view)...
Secure-Technology-Alliance-–-Embedded-Hardware-Security-for-IoT-Applications
Organization: Secure Technology Alliance (Previously: Smart Card Alliance) Reference: Embedded Hardware Security for IoT Applications Published on: December 2016 This white paper describes basic security principles that are critical for IoT implementations and then reviews the application of these security principles for an example use case – managing the lifecycle of IoT devices. The white paper discusses embedded security – where hardware and/or software security mechanisms are built into the end devices used in an IoT architecture. The white paper then further focuses on embedded hardware security, where end devices include hardware features and functions to ensure that the appropriate security requirements...
ENISA-–-Securing-Smart-Airports
Organization: European Union Agency for Network and Information Security (ENISA) Reference: Securing Smart Airports Published on: 16 December 2016 In response to the new emerging threats faced by smart airports, this report provides a guide for airport decision makers (CISOs, CIOs, IT Directors and Head of Operations) and airport information security professionals, but also relevant national authorities and agencies that are in charge of cyber-security for airports. Based on an in depth examination of existing knowledge as well as validation interviews with subject matter experts, this report highlights the key assets of smart airports. Built on this, a detailed analysis and threats...
IoTSF-–-Vulnerability-Disclosure-Best-Practice-Guidelines
Organization: IoT Security Foundation (IoTSF) Reference: Vulnerability Disclosure Best Practice Guidelines Published on: 6 December 2016 The Connected Consumer Products best practice guide provides clear advice for firms that are bringing IoT class products to market. The guidelines cover the most important security elements to consider when designing a product such as application security, encryption, network connections and software updates. The guidelines take a practical approach and provide a comprehensive overview of the subject matter with additional in-depth materials supplied online.
IoTSF-IoT-Security-Compliance-Framework
Organization: IoT Security Foundation (IoTSF) Reference: IoT Security Compliance Framework Published on: 6 December 2016 The framework provides a comprehensive and practical checklist to guide organisations through a security assuring process. It offers a methodical approach to determining an organisation’s unique security posture for both business processes and technical requirements. The framework is intended to be used by key staff such as senior management, technical, manufacturing and logistics from producer companies, yet it could also be used by purchasers to assess suppliers. The framework is designed to be generally applicable and extendable with release 1.0 targeted at the consumer product category. Follow-on...
The-Cavalry-–-Five-Star-Automotive-Cyber-Safety-Program
Organization: I Am The Cavalry Reference: Five Star Automotive Cyber Safety Program Published on: 15 February 2015 High-level principles for the automotive industry cyber safety.
IIC-–-Industrial-Internet-Security-Framework-IISF
Organization: Industrial Internet Consortium (IIC) Reference: Industrial Internet Security Framework (IISF) Published on: 26 September 2016 The Industrial Internet Security Framework (IISF) is a cross-industry-focused, comprehensive (173-pages) security framework outlining number of best practices.
IoT-A-Architectural-Reference-Model-for-the-IoT
Organization: Internet of Things - Architecture Reference: Architectural Reference Model for the IoT v3.0 Published on: 15 July 2013 IoT-A, the European Lighthouse Integrated Project created the proposed architectural reference model together with the definition of an initial set of key building blocks. Together they are envisioned as foundations for fostering the emerging Internet of Things. Using an experimental paradigm, IoT-A combined top-down reasoning about architectural principles and design guidelines with simulation and prototyping in exploring the technical consequences of architectural design choices.
IEEE-SA-2413-Standard-for-an-Architectural-Framework-for-the-Internet-of-Things-IoT
Organization: The Institute of Electrical and Electronics Engineers (IEEE) Reference: 2413 Standard for an Architectural Framework for the Internet of Things (IoT) (Draft) Published on: 3 September 2015 (Draft - Work in Progress)   This standard defines an architectural framework for the Internet of Things (IoT), including descriptions of various IoT domains, definitions of IoT domain abstractions, and identification of commonalities between different IoT domains. The architectural framework for IoT provides a reference model that defines relationships among various IoT verticals (e.g., transportation, healthcare, etc.) and common architecture elements. It also provides a blueprint for data abstraction and the quality "quadruple"...
IETF-Best-Current-Practices-for-Securing-Internet-of-Things-IoT-Devices
Organization: The Internet Engineering Task Force (IETF) Reference: Best Current Practices for Securing Internet of Things (IoT) Devices (Draft) Published on: 3 July 2017 In recent years, embedded computing devices have increasingly been provided with Internet interfaces, and the typically-weak network security of such devices has become a challenge for the Internet infrastructure. This document lists a number of minimum requirements that vendors of Internet of Things (IoT) devices need to take into account during development and when producing firmware updates, in order to reduce the frequency and severity of security incidents in which such devices are implicated.
Microsoft-Internet-of-Things-security-best-practices
Organization: Microsoft Reference: Internet of Things security best practices Published on: 3 July 2017 To secure an Internet of Things (IoT) infrastructure requires a rigorous security-in-depth strategy. This strategy requires you to secure data in the cloud, protect data integrity while in transit over the public internet, and securely provision devices. Each layer builds greater security assurance in the overall infrastructure.