Abstract

A long list of documents have been offered as security advice, codes of practice, and security guidelines for building and using security products, including Internet of Things (IoT) devices. To date, little or no systematic analysis has been carried out on the advice datasets themselves. Towards addressing this, with IoT as a case study, we begin with an informal analysis of two documents offering advice related to IoT security—the ETSI Provisions and the UK DCMS Guidelines—and then carry out what we believe is the first systematic analysis of these advice datasets. Our analysis explains in what ways the ETSI Provisions are a positive evolution of the UK DCMS Guidelines. We also suggest aspects of security advice warranting special attention by those offering security advice. Such parties may find the systematic analysis method, which categorizes advice into predefined categories, to be of general interest beyond IoT itself.

Talk to us

Join us for a 30 min session where you can share your feedback and ask us any queries you have

Schedule a call

Disclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.