GlobalPlatform Launches Comprehensive Approach to IoT Cybersecurity Implementation

GlobalPlatform Launches Comprehensive Approach to IoT Cybersecurity Implementation

-

GlobalPlatform, the standard for secure digital services and devices, today announces the launch of IoTopia, a comprehensive framework for IoT security.

Building on GlobalPlatform’s previous work to secure the IoT, IoTopia proposes a common framework for standardizing the design, certification, deployment and management of IoT devices. IoTopia device security will be testable and meet vertical and geographical market requirements by building upon the following four foundational pillars:

  1. Security by Design: capabilities and features that go beyond best practice and define how secure components and APIs can be used with existing secure by design standards.
  2. Device Intent: IoTopia leverages IETF’s manufacturer usage descriptions (MUD) and uniform resource identifier (URI) to effectively manage device permissions and access on networks.
  3. Autonomous, Scalable, Secure Device Onboarding (SDO): IoTopia will offer an open, standards-based secure onboarding process to streamline network administration.
  4. Device Lifecycle Management: a range of features and capabilities to manage devices throughout their entire lifecycle, including updates and maintenance to services, in line with international regulations.

“The IoT ecosystem needs to get serious about cybersecurity. Many of today’s connected objects do more than simply provide information at your fingertips – they make use of sensitive data, gather information and even impact the physical world, in many cases in critical ways,” comments Kevin Gillick, GlobalPlatform Executive Director. “In light of this, there is a need for ubiquitous and standardized end-point and network security to prevent devices from becoming an entry point into a network or a platform for attacks. These are serious security concerns that need to be addressed to realize the market potential of IoT – which is why we have launched IoTopia.”

The use of proven, internationally deployed GlobalPlatform technologies to bring trust to the IoT ecosystem will also ensure that compliance with the baseline requires low to no additional costs for device makers.

“IoTopia will provide a detailed but executable framework that is standards-based, industry-wide and able to evolve as security capabilities and requirements change,” adds Russ Gyurek, GlobalPlatform IoTopia Committee Chair. “Importantly, IoTopia is bringing together global and regional guidelines and requirements to help device manufacturers build products and services that satisfy regulatory mandates. This offers the flexible security blueprint that is needed for device makers to build secure devices without having to become cybersecurity companies or experts.”

Kevin adds: “GlobalPlatform has a long history of successful standardization and certification work, which is already adding value to the IoT ecosystem. Our membership stretches across the entire IoT value chain, perfectly placed to go beyond simply defining best practice and help the market to actually implement security for IoT devices and services.”

To witness the public launch of IoTopia and hear perspectives on IoT security challenges from GSMA, NIST and ENISA, join GlobalPlatform at IoT Solutions World Congress on Wednesday, October 30th from 12:05-12:50.

Interested in contributing to IoTopia? GlobalPlatform invites and welcomes contributions to the IoTopia Committee from chip vendors, device manufacturers, thing makers, IoT platform providers, system integrators, service providers, certification labs, network vendors, end users, government bodies and policy makers. Become a GlobalPlatform member now.

For further media information, please contact Chloe Smith or Erin Lovett at iseepr: [email protected][email protected] or on +44 (0) 113 350 1922

IoT For All
IoT For All
IoT For All is an initiative to build a valuable resource for all stakeholders in the IoT industry. Our goal is to bring together the smartest minds in IoT to share knowledge through various forms of content, all aimed at educating the people who are implementing and enabling IoT.

Trending

The Impact of IoT in 2019 & Predictions for 2020 | Rohit Tripathi, SVP...

On this IoT For All podcast episode, Rohit Tripathi, SVP and Head of Products at SAP Digital Interconnect, discusses what the next generation of IoT services/solutions will look like, the impact of IoT in 2019 and his predictions for 2020.

IoT and Agile Framework: Partners in Efficacy

IoT can help Agile development teams to be more effective. The new traits that IoT can give to an Agile team include enhanced creativity and smoother internal collaborations.

AI Can Solve Our Driving Dependence — If We Don’t Mess It Up

Today, one only has to step out onto a New York street or fly over LA’s tangled highways to see the problems: auto-clogged roads, low-lying vehicle-fume smog, and barely-moving lines of single drivers sitting in multi-passenger cars. Some (mistakenly) cast luxurious self-driving cars as a means to turn the frustrations of a daily commute into a valuable period of relaxation or productivity. In this piece, I explain why that strategy won’t just be ineffective and worsen our commutes, but will also ultimately compel consumers to embrace the very transport philosophy that made us traffic-beleaguered in the first place. I also make a case for why using self-driving cars as public transport can be used as a means to eradicate driving dependence in the long term.

Why Robotic Process Automation Is the Way Forward for the Smart Data Center

This article looks at the role of RPA in the data center of the future, the so-called 'smart data center.' We explore why data centers need to smarten up, what types of RPA are available, how RPA can be integrated into the data center and the benefits of doing so.

AI in IoT Security: Friend or Foe?

Unfortunately, some of the difficulties facing AI in cybersecurity can be exploited by hackers. AI can be used for IoT security, or it can be used against it.