ISO/IEC 27402 — Cybersecurity — IoT security and privacy — Device baseline requirements [DRAFT]
This project is documenting the common but basic security features expected of IoT devices, enabling the IoT security controls documented in ISO/IEC 27030. A unique (and ideally immutable and verifiable!) device identifier is an example, plus a ‘factory reset’ function. It is anticipated that additional security controls will be required (and may be defined in further standards) for specific applications (e.g. medical things).
Scope of the standard
The standard is intended to specify a ‘baseline’ or platform for ‘IoT devices’ [things] supporting information security and privacy controls.
Content of the standard
The standard is at 1st Working Draft stage.
Errr, watch this space.
< Previous standard ^ Up a level ^ Next standard >