Standardising a Moving Target: The Development and Evolution of IoT Security Standards

9 Pages Posted: 20 Aug 2019

See all articles by Irina Brass

Irina Brass

University College London - Department of Science, Technology, Engineering and Public Policy (STEaPP)

Leonie Tanczer

University College London - Department of Science, Technology, Engineering and Public Policy (STEaPP)

Madeline Carr

University College London - Department of Science, Technology, Engineering and Public Policy (STEaPP)

Miles Elsden

University College London - University College London, Department of Science, Technology, Engineering and Public Policy (STEaPP) Students

Jason J Blackstock

University College London - Department of Science, Technology, Engineering and Public Policy (STEaPP)

Date Written: 2018

Abstract

The standards landscape for IoT security is currently devel- oping in a fragmented manner. This paper provides a re- view of the main IoT security standards and guidelines that have been developed by formal standardisation organisations and transnational industry associations and interest alliances to date. The review makes three main contributions to the study of current IoT standards-development processes. First, gov- ernments and regulatory agencies in the EU and the US are increasingly considering the promotion of baseline IoT secu- rity requirements, achieved through public procurement obli- gations and cybersecurity certification schemes. Second, the analysis reveals that the IoT security standards landscape is dominated by de facto standards initiated by a diverse range of industry associations across the IoT ecosystem. Third, the pa- per identifies a number of key challenges for IoT security stan- dardisation, most notably: a) the difficulty of setting a baseline for IoT security across all IoT applications and domains; and b) the difficulty of monitoring the adoption, implementation and effectiveness of IoT security standards and best practices. The paper consequently contributes to a better understanding of the evolution of IoT security standards and proposes a more coherent standards development and deployment approach.

Suggested Citation

Brass, Irina and Tanczer, Leonie and Carr, Madeline and Elsden, Miles and Blackstock, Jason, Standardising a Moving Target: The Development and Evolution of IoT Security Standards (2018). Available at SSRN: https://ssrn.com/abstract=3437681 or http://dx.doi.org/10.2139/ssrn.3437681

Irina Brass (Contact Author)

University College London - Department of Science, Technology, Engineering and Public Policy (STEaPP) ( email )

Boston House
36–38 Fitzroy Square
London, W1t 3EY
United Kingdom

Leonie Tanczer

University College London - Department of Science, Technology, Engineering and Public Policy (STEaPP) ( email )

Boston House
36–38 Fitzroy Square
London, W1t 3EY
United Kingdom

Madeline Carr

University College London - Department of Science, Technology, Engineering and Public Policy (STEaPP) ( email )

Boston House
36–38 Fitzroy Square
London, W1t 3EY
United Kingdom

Miles Elsden

University College London - University College London, Department of Science, Technology, Engineering and Public Policy (STEaPP) Students ( email )

Boston House
36–38 Fitzroy Square
London, W1t 3EY
United Kingdom

Jason Blackstock

University College London - Department of Science, Technology, Engineering and Public Policy (STEaPP) ( email )

Boston House
36–38 Fitzroy Square
London, W1t 3EY
United Kingdom

Register to save articles to
your library

Register

Paper statistics

Downloads
10
Abstract Views
105
PlumX Metrics