Being Regulation Ready for IoT Products

Loading
loading..

Being Regulation Ready for IoT Products

November 26, 2018
Natalie Bourke
No Comments

The development of the Internet of Things (IoT) has opened up opportunities across society and business, yet with this comes new security concerns and cyber threats. These can range from small inconveniences to serious privacy threats which could have drastic consequences. Typically there is an assumption that IoT products and services are largely unregulated and await specific regulations, when in fact regulations which affect IoT security do already exist with sanctions applicable to IoT providers. However as these are reliant on existing laws, which were not specifically written for the IoT market, often there is a lack of awareness of such legislation and how it may affect IoT products. This is coupled with some of the gaps in existing legislation, which usually only come to light when something goes wrong and the gaps become evident.

The Internet of Things Security Foundation (IoTSF) reminds us that “Security is not a destination, it is a journey”.

The IoTSF’s new report, “IoT Cybersecurity: Regulation Ready” is targeted at enterprises that produce or use IoT systems. With a security-focused mindset, it is intended to give IoT users and service providers a view of the current regulatory landscape and indications of the direction of some of the impending regulatory changes.

The report highlights existing legal regulations and sanctions – which vary globally – as well as highlighting already available resources and tools that can help businesses be ‘regulation ready’.

This report is an important part of the IoTSF’s Compliance activities, of which Richard Marshall, Managing Consultant at Xitex, is delighted to be leading in his role as Plenary Chair for the IoTSF.

The report is available in two versions and is free to download. A ‘concise version’ and a more detailed ‘full version’ for those who need greater depth. Both copies can be found on the Internet of Things Security Foundation’s Best Practice Guidelines webpage. 

Considering IoT Security at Home

November 21, 2018
Natalie Bourke
No Comments

It is becoming increasingly common to find a significant number of connected devices in your home; be it simply a wireless router, a fitness tracker or perhaps a smart central heating device to name a few. The number of IoT products and devices on the market is expanding at a rapid pace and with this comes a growing fear of cyber attacks and the potential for privacy invasion.

The burgeoning number of insecure Internet connected products was the key reasons why the The Internet of Things Security Foundation (IoTSF) was founded in 2015.

How do Normal Consumers at Home Manage IoT Security Threats with Ease?

Richard Marshall, Managing Consultant at Xitex Ltd and Plenary Chair to the IoTSF, recognises that “In the home environment, security needs to be managed with minimal consumer intervention and without the consumer having any specialist knowledge of security of IoT devices.”

John Moor, the IoTSF’s Managing Director, points out that, “Security is not static, it requires a series of on-going process that need to be managed over the combined life-cycles of the combined system elements – this includes services, devices and networks.”

Due to the diverse use of proprietary interfaces, it is not practical or realistic that the “plug-and-play consumer” will be able to enforce baseline security.

The IoTSF’s Newly Published Whitepaper suggests putting Security Responsibility onto Router Manufacturers and the Original Equipment Manufacturers (OEMs).

The document supplies much needed advice on the benefits of taking a hub-based approach, when connecting IoT devices and systems at home.
The hub-based approach is ideal for a “plug-and-play consumer” to ensure products and systems work together seamlessly. Yet it can also help the user avoid cyber security risks and data protection issues.

Xitex Ltd is proud to have made a significant contribution to the final version of the document. The document is intended for OEMs who are designing devices or smart hubs, Service Providers/Retailers and other Solution Providers for IoT products. To download the whitepaper please visit the IoTSF’s best practice guidelines.

For more information please see the article published on the IoTSF website.

Presenting at IoTBuild 2018

November 4, 2018
Richard
No Comments

The IoT Stack and Ecosystem Event covering Architecture, Connectivity, Security & Edge

IoT Build 2018 Invitation

Recognised as the UK’s leading event for IoT adopters, IoTBuild 2018 opens itself up to over 1000 executive level attendees. Attendees will gain access to 2 x conference tracks; 2 x technical theatres; consultancy clinics; start-up showcase, and the exhibition. In addition the event is an opportunity to meet and network with a pre-qualified audience of trusted advisors, solution vendors and those eager to learn. In it’s third year of running, IoTBuild 2018 is bigger and better than ever before.

We are proud to announce that Richard Marshall, Plenary Group Chair, IoT Security Foundation, will be speaking at IoTBuild 2018.

So we are pleased to offer you a complimentary Expo Ticket to join us this November. Your Expo Ticket will give you access to industry case studies in the Connectivity and Security theatre, entrance to the consultancy clinic, 1-2-1 meetings, exhibition and drinks reception.

To RSVP Your IoTBuild 2018 Expo ticket, please click this link!

IoTSF Plenary Group Chair Appointment

July 6, 2016
Richard
No Comments

We are delighted to announce that Richard Marshall, Managing Consultant at Xitex ltd, has been appointed as the Plenary Group Chair of the IoT Security Foundation (IoTSF).

The IoTSF was established in response to emerging threats that were found in the Internet of Things applications. It’s mission is to secure the Internet of Things. This is done by promoting and teaching good practice in appropriate security to users. Xitex are pleased to be a founder member of the IoTSF. 

Upon appointment as Plenary Group Chair, Richard commented: “I see the issue of security as a cornerstone to the adoption of the Internet of Things… I am honoured to be leading the Plenary.”

The Plenary Group of the IoTSF is a forum for central members to identify any challenges that they are facing. As Richard highlighted, “The industry urgently needs to address the issue of security or face the risk of heavy regulation and a potential loss of confidence in the markets”. Through the IoTSF Plenary Group, members can raise their concerns to active working groups. From here, these active working groups can then determine appropriate measures and outcomes. Typically they form best practice guidelines which fall under the simple requirement of being accessible, useful and actionable.

Dr John Haine, Chair of the IoTSF Executive Steering Board, said: “We’re really pleased to welcome Richard as the Plenary Chair. It is important that the IoTSF membership is able to determine its technical priorities and organise its’ work, and Richard’s combination of experience and talents will be a real boost in that area.”

Please find further details at the Internet of Things Security Foundation’s website.

Xitex at the Verification Futures 2016 Conference

February 3, 2016
Richard
No Comments

Xitex is pleased to announce that they will be presenting at the Verification Futures 2016 Conference on the 4th February 2016.

Organised by TVS, Verification Futures 2016 is a one day conference, exhibition and industry networking event to discuss the challenges faced in hardware verification. The day will host a fantastic opportunity to network with other verification engineers across Europe. As well as this, the event will offer an opportunity for end users to explain their current and present verification challenges, to collaborate with vendors and find solutions together.

Xitex’s presentation at Verifications Futures 2016 will be on Security Standards and Architecture Considerations for Secure Hardware Design and Verification.

Richard Marshall, Managing Consultant at Xitex ltd, will be presenting in at the event. His focus will be in consideration of the foundations of secure products. He will particularly discuss the need for true random number sources for nonce and key generation, as well as product compliance with standards such as FIPS 140-2 and 186-4. Where a larger number of customers must be considered – for example the mobile network operators mandating standards compliance – he will go on to consider what independent tests are available to demonstrate standards compliance. Consideration will also be given to some of the architectural security verification challenges and Richard will go on to look at a brief case study on secure hardware for 3G/4G Small cells.

Further information about the Verification Futures Conference 2016 can be found on their website at Verification Futures Europe 2016

Xitex joins the IoT Security Foundation (IoTSF)

October 14, 2015
Richard
No Comments

We’re pleased to announce that Xitex has become a Founder Member of the Internet of Things Security Foundation (IoTSF).IoTSF Founder Member

Following rapid technology advancements in recent years, a realisation has grown of the number of  benefits that the Internet of Things can offer, across multiple businesses.  Of course, this growth has also sprung up a new security challenge: as more devices become connected to one another, they open themselves up to attackers.

The IoTSF recognises that IoT security is a number one concern for executives, providers, system adopters and users alike. It has been established as a response to the rising concerns and challenges regarding security. The IoTSF strives to be ‘the expert resource for sharing knowledge, best practice and advice’.

Xitex ltd. has had first hand involvement in security improvements in connected devices. Our experience includes working with Small Cells and 3G/4G basestations that can be deployed in home and/or enterprise premises. Using this experience, we are now excited about being able to support organisations like the IoT Security Foundation in promoting awareness of good security practices and in the creation and development of codes of best practice.

We hope that, together, our work will strengthen the currently weak levels of product security in the growing IoT market.

For more information please see the Internet of Things Security Foundation (IoTSF) website.

How VW Might have Fixed their Emissions Problem

October 12, 2015
Richard
No Comments

How VW Might Have Fixed their Emission Problem

The recent publicity that surrounds the VW diesel emissions scandal only just begins to highlight the security challenges that IoT users and producers must consider today.

Using the VW diesel emissions scandal as a case study, Xitex’s founder Richard Marshall has written a blog post for the IoT Security Foundation on the importance of being able to remotely patch product firmware. His writing particularly looks at how VW might have reduced the impact of their diesel car emission problem if they had been able to remotely update the ECU firmware.

The full blog post can be found on their website: at: How VW Might Have Fixed their Emission Problem.

Layout mode
Predefined Skins
Custom Colors
Choose your skin color
Patterns Background
Images Background