- From: Mccool, Michael <michael.mccool@intel.com>
- Date: Thu, 17 Aug 2017 08:49:04 +0000
- To: David Rogers <david.rogers@copperhorse.co.uk>
- CC: "public-wot-ig@w3.org" <public-wot-ig@w3.org>
- Message-ID: <267F1CFD-0B3D-4643-A958-06FAFA19D12A@intel.com>
David, BTW, looks like the URL for the AIOTI doc you cite has changed... the old base URL is giving a 404 now. I guess they haven't heard of redirection... https://aioti.eu/wp-content/uploads/2017/03/AIOTI-Digitisation-of-Ind-policy-doc-Nov-2016.pdf Michael McCool, Principal Engineer, Intel SSG/DPD/Technology Pathfinding and Innovation On Aug 17, 2017, at 17:29, Mccool, Michael <michael.mccool@intel.com<mailto:michael.mccool@intel.com>> wrote: Thanks! I was aware of the second and third ones on your list (and will confirm they are kisted as references) but will look at your other collection. The book I cited also has a bunch of references but from 2015. I'm also aware of the bill proposed in the US Senate but its still just a bill, so... Michael McCool, Principal Engineer, Intel SSG/DPD/Technology Pathfinding and Innovation On Aug 17, 2017, at 15:44, David Rogers <david.rogers@copperhorse.co.uk<mailto:david.rogers@copperhorse.co.uk>> wrote: Hi, A list here (which I need to update): http://blog.mobilephonesecurity.org/2016/11/iot-security-resources.html IoT Security Foundation Best Practices - 1.1 being launched shortly: https://iotsecurityfoundation.org/best-practice-guidelines/ Also checkout the GSMA IoT security guidelines: https://www.gsma.com/iot/future-iot-networks/iot-security-guidelines/ Cheers, David. Sent from my mobile -------- Original message -------- From: "Mccool, Michael" <michael.mccool@intel.com<mailto:michael.mccool@intel.com>> Date: 17/08/2017 04:03 (GMT+01:00) To: public-wot-ig@w3.org<mailto:public-wot-ig@w3.org> Subject: References for "best practices" in IoT security needed I've been looking for references on "best practices" in IoT security. Ideally these would be standards we could cite or practices adopted or required by major organizations (eg large companies or governments). While the following is not a standard (unfortunately), and I haven't yet read through the whole thing, the following book is proving to be pretty useful. In particular, it highlights the interaction of safety and security in IoT, something which is not necessarily a factor in other cybersecurity contexts: Practical Internet of Things Security https://g.co/kgs/MSw7Yz At the same time, we DO still need better "anchor" citations from standards bodies or similar organizations we can use for best practice security recommendations *in IoT*. If anyone on this list has suggestions, please give them. We do have an existing set of references under the main github site. Michael McCool
Received on Thursday, 17 August 2017 08:51:22 UTC