IoT is vast and has many security related issues – how do we go about addressing them?
The answer is collaboratively and in priority order. That’s where the Executive Steering Board and the IoTSF membership work in harmony.
IoTSF has a number of priority working groups to encourage the building of an Internet of Trust – the Working Groups is where the practical work takes place.
Here is a list of the current priority working groups. Each has been assigned an executive steering board champion to bring them to life, and a chair person to ensure progress.
Working Group 1: IoT Certification
The objective of this working group is to determine comprehensive requirements for a low-cost, accessible and readily actionable system of self-certification and third party certifications in order to improve the quality and pervasiveness of security in IoT products. This working groups produces and maintains the IoT Security Compliance Framework
- Board champion: David Rogers, Copper Horse Solutions
- Chair: Chris Shire, Infineon Technologies Ltd.
Working Group 2: Best Practice Guides
The objective of this working group is to produce security best practice guidelines for different classes of devices and systems.
This group’s output can be found on the Best Practice Guidelines page
- Board champion: Ken Munro, Pen Test Partners
- Chair: Jeff Day, BT plc.
Working Group 3: Compliance Validation and Test
This working group considers the test and compliance requirements for assessing products, services and organisations against the Foundation’s Compliance Framework.
- Board champion: Richard Marshall, Xitec Ltd.
- Formation supported by: Mike Bartley, TVS Ltd.
Working Group 4: Vulnerability Disclosure Guidance
What happens when a researcher identifies a security vulnerability in your product or service? This working group seeks to educate the need for establishing a channel of communication and determining a framework of best practice for both researchers and companies to follow.
- Board champion: Kenny Paterson, Royal Holloway, University of London
- Chair: Craig Heath, Franklin Heath Ltd.
Working Group 5: IoT Security Landscape
This working group maps applications of IoT at a high level, from a system-wide and end to end perspective, to identify where vulnerabilities may lie and inform future IoTSF work.
- Board champion: Steve Babbage, Vodafone
- Chair: Daniel Ng, Cyberowl
Working Group 6: Smart Buildings
This working group has been set up to establish a set of guidelines to help each of the supply chain participants specify, procure, install/integrate and operate/maintain IoT securely in buildings.
- Board Champion: Prof. Paul Dorey, CSO Confidential
- Chair: Alan Mihalic, Norman Disney & Young
Working Group 7: Trust mark
This group has been tasked with looking at the utility and practicality of market facing ‘trust marks’ – to effectively communicate security capabilities and provide confidence.
- Board Champion: Stephen Pattison, ARM
- Chair: Chris Torr, Multos
About the Working Groups
Each Working Group is populated by IoTSF members who contribute to producing best practice guidelines.
Members collaborate via physical meetings and via online meeting facilities: i.e. our messaging/document file platform. This allows flexibility for members to discuss and exchange ideas regardless of location. The schedule is organised by each working group chair, and updates are provided regularly between the working groups in face to face / virtual meetings. In this way we ensure members are kept updated and the groups work in harmony.
IoTSF members can join any of the working groups and contribute to creating best practice guidelines.
If you are a member of IoTSF and would like to join any of the working groups, contact us by clicking here and let us know which groups you are interested to join – we’ll take care of the details.