Errata‎ > ‎

IoT Privacy & Security Resources



Updated 8 Nov 2017 - Revision History

A running collection of IoT Security and Privacy resources (2014-present).  

Ongoing work-in-process - will remain rough as I stumble around the interweb.  

Have a change, suggestion or link to add?   Please Send it!   



Recent Changes

Aug - Oct 2017 Finds/Changes (complete revision history @ end)

Running Collection

Gov Observations/Directives

US Government

European Commission

Canada

Others to watch

Guidance

Training

Products/Vendors

Research/Publications

Analysis, Advisories & Alerts

-------

IoT Security News

Collection of IoT Security and Privacy Newsfeeds and Article Archive from this project now on Separate Page



Revision History


Original - 4Q 2014

1 Feb 2015 
- Added Open Interconnect Consortium and related IoTivity to Standards area
- This Revision History - because there is A LOT!
- US FTC's recent revelations & FTC Commissioner's Dissenting Statements on very same revelations
- US DOE's Voluntary Code of Conduct
- Removed the Privacy Section of this page because IoT Privacy and Security seem to be blending (rightfully so!)
6 Feb 2015
- Added oneM2M's Specifications Released, including Security Solutions to Standards Area
- Removed OpenInterconnect's IoT Framework for now - very little on security/privacy in Features, will attempt to work through Documentation - Drop me a line if you can direct me
9 Feb 2015
- Fixed Dates - it's 2015!
- Added Link to EU Article 29 Working Party - lots of activity to watch here
16 March 
- Had to add Creepy Barbie
- also Samsung's Rebuttal on Eavesdropping TV
20 April 2015
- CSA's IoT Paper/Press release
- IEEE Ecosystem Study - Not *exactly* security, but does highlight Security gaps
- Added NIST SP-800-160 and related "indefensible" article from FCW
- ToDo - IoT Directories(?) Cert Advisories
29 April 2015
- Italian Privacy Consultation press release
12 May 2015
- Added Online Trust Alliance IoT Working group/framework activity
- Added link to NSTAC Report to the President on the Internet of Things
- Symantec's Insecurity in the Internet of Things Report
20 May 2015
- Added Airplane Hack (creepy)
- Added Alerts, advisories and warnings associated with Hospira Infusion Pumps 
31 May 2015
- Added ISO Standards activity added
- Added Consumer Report's Policy and Action group - http://consumersunion.org
- Added link to US Sen Markey's Security and Privacy report
- Stanford IoT Security Project
05 July 2015
- Added US Senate and House Resolutions on IoT (H Res 195 and S Res 110) from Mar/April 2015
- OTA's 2015 Online Trust Audit and Honor Roll report added (now contains IoT companies)
- Fortune article on Washington's IoT understanding
08 July 2015
- Keep forgetting to add Symantec's IoT 'Reference Architecture'
- Consumer reports IoT Article
- Ofcom Report added (UK)
10 August 2015
- Flurry of EU Activity June 2015-July 2015
    - Computerworld Article
    - Added Entry for European Data Protection Supervisor and related activity
- Added link to CERT industrial controls Alert/Advisories 
- Wired Article/Video on Recent Jeep Hack
22 August 2015
- Can't believe I forgot AllSeen Alliance - Security appears to be baked in AND advanced (ECC)
26 August 2015
- IoT-A's Privacy and Security Concepts
- HP found 100% of smartwatches vulnerable!
18 Sept 2015
- FBI Alert Added
23 October 2015
- Slight reorg ... Recent finds/changes moved to top of page to callout new stuff, will move/archive here later
1 December 2015
21 January 2016
January/February 2016 Finds & Changes 
March/April 2016 Finds & Changes 
May/June 2016
July/August 2016 Finds & Changes


Sept/Oct 2016 Finds/Changes 

November 2016 Finds/Changes 
Dec - Jan 2017 Finds/Changes 
February - April 2017 Finds/Changes
May - July 2017 Finds/Changes