DOWNLOAD PDF (1.8MB): Cybersecurity for Things – Part 1

An introduction to challenges and techniques for building and operating devices securely

No Application is PERFECTLY secure. Making complex connected devices for the Internet of Things (IoT) secure is difficult.
  • Too late to know everything about cybersecurity
  • Let us help you understand the challenges and solutions
Who this ebook series is for: The emphasis in this ebook series is on how to proactively build and keep IoT solutions secure, with a focus on software–on what’s relevant and useful for IoT solution developers. Standard IT techniques to prevent or deal with intrusions (e.g., anti-virus) are not covered.

The subject is huge; this ebook series surveys resources and provides extensive references to additional information, both in footnotes on each page and collected in the References section.

Protecting IoT solutions from those who would harm us will be critical to the growth of the IoT and to our personal and business safety and security. Using the resources and ideas presented here will not ensure perfect security, but it will greatly reduce risk.

A key to more secure IoT solutions is to reduce software flaws that result in exploitable security vulnerabilities. Our focus is on how to do that.

This ebook is the first in a series covering a number of topics aimed at IoT security. This ebook introduces the problem and then dives into design and development topics: requirements; policies / procedures; third-party IoT platforms (including selection criteria); and device operating systems. It concludes with a Glossary.

Later ebooks in the series continue with guidance for secure boot and chain of trust; communications technologies ; services , languages, and tools (including how standards like SEI CERT C/C++ and MISRA C/C++ can improve security, especially when used with tools to detect violations of the standards); industry-government collaborations to collect and share knowledge about tens of thousands of known vulnerabilities in actual products; insider threat; supply chain management; deployment; and recommendations for getting started!