- From: Peter Saint-Andre - Filament <peter@filament.com>
- Date: Thu, 17 Aug 2017 15:50:34 -0600
- To: "Mccool, Michael" <michael.mccool@intel.com>, David Rogers <david.rogers@copperhorse.co.uk>
- Cc: "public-wot-ig@w3.org" <public-wot-ig@w3.org>
The IIC IoT Security Framework is quite good: http://www.iiconsortium.org/pdf/IIC_PUB_G4_V1.00_PB-3.pdf UL 2900-2-2 is excellent but paywalled. And there's a big list here: https://www.schneier.com/blog/archives/2017/02/security_and_pr.html Peter On 8/17/17 2:29 AM, Mccool, Michael wrote: > Thanks! I was aware of the second and third ones on your list (and will > confirm they are kisted as references) but will look at your other > collection. The book I cited also has a bunch of references but from 2015. > > I'm also aware of the bill proposed in the US Senate but its still just > a bill, so... > > Michael McCool, Principal Engineer, Intel > SSG/DPD/Technology Pathfinding and Innovation > > On Aug 17, 2017, at 15:44, David Rogers <david.rogers@copperhorse.co.uk > <mailto:david.rogers@copperhorse.co.uk>> wrote: > >> Hi, >> >> A list here (which I need to >> update): http://blog.mobilephonesecurity.org/2016/11/iot-security-resources.html >> >> IoT Security Foundation Best Practices - 1.1 being launched >> shortly: https://iotsecurityfoundation.org/best-practice-guidelines/ >> >> Also checkout the GSMA IoT security >> guidelines: https://www.gsma.com/iot/future-iot-networks/iot-security-guidelines/ >> >> Cheers, >> >> >> David. >> >> >> >> Sent from my mobile >> >> -------- Original message -------- >> From: "Mccool, Michael" <michael.mccool@intel.com >> <mailto:michael.mccool@intel.com>> >> Date: 17/08/2017 04:03 (GMT+01:00) >> To: public-wot-ig@w3.org <mailto:public-wot-ig@w3.org> >> Subject: References for "best practices" in IoT security needed >> >> I've been looking for references on "best practices" in IoT security. >> Ideally these would be standards we could cite or practices adopted or >> required by major organizations (eg large companies or governments). >> >> While the following is not a standard (unfortunately), and I haven't >> yet read through the whole thing, the following book is proving to be >> pretty useful. In particular, it highlights the interaction of safety >> and security in IoT, something which is not necessarily a factor in >> other cybersecurity contexts: >> >> Practical Internet of Things Security https://g.co/kgs/MSw7Yz >> >> At the same time, we DO still need better "anchor" citations from >> standards bodies or similar organizations we can use for best practice >> security recommendations *in IoT*. If anyone on this list has >> suggestions, please give them. >> >> We do have an existing set of references under the main github site. >> >> Michael McCool >> >>
Received on Thursday, 17 August 2017 21:51:01 UTC