Secure Thingz, part of the IAR Systems Group, has teamed up with the IoT Security Foundation in the UK for a set of tools and training that give embedded developers with a simplified path to building secure applications for the Internet of Things (IoT).
The Compliance Suite helps developers produce systems that meet EN 303645, UK & Australian 13 Best Practices and the evolving US Cybersecurity Improvement Act (NISTIR 8259).
Most IoT applications are unique and formal certification methodologies can be costly and time consuming, so the IoT Security Foundation in Cambridge developed an IoT Security Compliance Framework. This enables organizations to build a self-certification methodology that meshes with the 13 Best Practices captured in UK and European Secure by Design guidelines. Secure Thingz is a founder member of the IoT Securoty Foundation.
The Compliance Suite from IAR Systems and Secure Thingz includes a set of development tools and Preconfigured Security Contexts that enables developers to rapidly implement core aspects of these guidelines, such as moving from passwords to certificate-based identification; the implementation of update policies; and the use of advanced device specific security enclaves to protect provisioned information. Coupled with these tools is a set of training and support resources linking the functional requirements with the certification requirements identified in the IoT Security Foundation Compliance Questionnaire, ensuring a rapid implementation that meets international requirements.
“We are excited to enable our customers to meet the best practice certification provided by the IoT Security Foundation Compliance Framework,” said Haydn Povey, CEO, Secure Thingz, aqcuired by Swedish development tool maker IAR Systems in 2018. “We believe that compliance with these best practices is critical in enabling IoT to be successful, in ensuring interoperability based on trust, and ensuring customer confidence.”
Compliance is a signficant step towards formal third party certification, such as Global Platform Security Evaluation Standard for IoT Platforms (SESIP), and the Arm PSA requirements. By implementing the IoT Security Foundation Compliance Framework, developers are aligning their organizations with