Mapping the IoT Security Foundation’s Compliance Framework to ETSI TS 103 645 Standard

N/A | February 19, 2019

article image
The IoT Security Compliance Framework [Framework] [ii] was first published in December 2016 by the IoT Security Foundation [IoTSF], and initially targeted at the Consumer/Smart Home markets. The Compliance Framework with its accompanying comprehensive checklist guides a vendor through an assurance process, gathering evidence in a structured process and conforming to contemporary best practice and applicable standards. The Framework has been updated in Release 2.0 in December 2019, so as to encompass all types IoT devices by adopting a risk based assessment process.

Spotlight

Patero GmbH

Patero GmbH was founded in November 2017 specifically for the development and commercialization of a mobile phone with its own built-in proprietary crypto hardware (made in Germany) for the encryption of voice and data communication.

OTHER ARTICLES

5 Things to Know About the IoT Platforms Market

Article | June 8, 2021

5 years ago, when we forecasted that the IoT platforms market would have a 5-year compound annual growth rate (CAGR) of 35%, we wondered if our growth projection was unrealistically high. 5 years later, it has become apparent that the forecast was actually too low. The IoT Platforms market between 2015 and 2020 grew to be $800 million larger than we forecasted back in early 2016, resulting in a staggering 48% CAGR. Comparing what we “knew” back in 2016 to what we know today provides some clues as to why the market exceeded expectations so much. 5 years ago, no one really knew what an IoT platform was, let alone how big the market would be, which business models would work, how architectures would evolve, and which companies/industries would adopt them. The only thing that was “known” was that the IoT platforms market was a billion dollar “blue ocean” opportunity ready to be captured by innovative companies.

Read More

Breaking Down IoT Standards and Protocols

Article | June 8, 2021

The Internet of Things has given rise to a host of new standards and protocols. Still more protocols that originally existed for other purposes but are well suited to new IoT applications have been adopted by device manufacturers and application creators. Though in some senses IoT devices are the same as any other internet-connected device, the bandwidth, power, and transmission distance constraints inherent in many IoT applications require novel new solutions to the fundamental actions of connectivity, data transfer, device discovery, and communication. This article will serve as a brief glossary of terms related to IoT communication protocols and standards. Click here for a more complete introduction to connectivity options.

Read More

Microsoft acquires ReFirm Labs to enhance IoT security

Article | June 8, 2021

Modern computing devices can be thought of as a collection of discrete microprocessors each with a dedicated function like high-speed networking, graphics, Disk I/O, AI, and everything in between. The emergence of the intelligent edge has accelerated the number of these cloud-connected devices that contain multiple specialized sub-processors each with its own firmware layer and often a custom operating system. Many vulnerability analysis and endpoint detection and response (EDR) tools find it challenging to monitor and protect devices at the firmware level, leading to an attractive security gap for attackers to exploit. At the same time, we have also seen growth in the number of attacks against firmware where sensitive information like credentials and encryption keys are stored in memory. A recent survey commissioned by Microsoft of 1,000 security decision-makers found that 83 percent had experienced some level of firmware security incident, but only 29 percent are allocating resources to protect that critical layer. And according to March 2021 data from the National Vulnerability Database included in a presentation from the Department of Homeland Security’s Cybersecurity and Infrastructure Agency (CISA) at the 2021 RSA, difficult-to-patch firmware attacks are continuing to rise. Microsoft’s Azure Defender for IoT team (formerly CyberX) recently announced alongside the Department of Homeland Security a series of more than 25 critical severity vulnerabilities in IoT and OT devices

Read More

From outside-in to inside-out: My take on IoT

Article | June 8, 2021

At IDC I co-founded a practice that studied the three dimensions of IoT: industry technology platforms, industry verticals and industry geographies. As an industry analyst, I had a front-row ticket to the IoT market and continually witnessed incredible innovations. Like many other experts, I kept my seatbelt buckled for what we expected to be IoT’s massive and dramatic take-off. While there has been uptake, real-world adoption and implementation have lagged the “hype.” In time, I found myself growing increasingly frustrated at the disconnect. What was the holdup? Knowing that industry analysts are beholden to the marketing messages that each company shares, I welcomed an opportunity to make the move from an outside-in analyst to an inside-out contributor.

Read More

Spotlight

Patero GmbH

Patero GmbH was founded in November 2017 specifically for the development and commercialization of a mobile phone with its own built-in proprietary crypto hardware (made in Germany) for the encryption of voice and data communication.

Events