NIST Released Internet of Things Security Guidance
IOT devices are becoming more common throughout the world. Experts predict that the popularity of these devices only to grow, but in addition it will grow and the potential for abuse. US Department of Homeland Security (DHS) and the National Institute of Standards and Technology (NIST) at the end of last year issued new guidelines aimed at improving the safety of IoT. It was done partly in response to recent large DDoS attacks using IoT c botnets, as well as because of the serious security problems in the IoT devices.
DHS published a document aimed at manufacturers, service providers, developers and users of business-level while the much more advanced NIST document is intended for manufacturers with a management / developers on how to design safer products. Meanwhile, a special publication of NIST 800-160 includes an array of 242 pages of technical details on how to build connected systems that are as stable and reliable as possible. As well as it focuses on assessing the reliability of various Internet connected devices and their impact through a number of processes, each controlled device lifecycle. Like other special publications addressing the NIST security, management stresses the need to actively consider and promote safety as a part of the product development process, and to consider it during both the design and product life cycle.
The US government has made it clear it does not want to wait for the rise DDoS attacks using IoT devices in the future.
Systems Security Engineering Considerations for a Multidisciplinary Approach in the Engineering of Trustworthy Secure Systems