Internet of Things

Date Published: March, 01, 2015
Internet of Things

Internet of Things

Devices that are accessible from TCP/IP networks face regular attack.  Since there are more IoT devices than there are people on earth, if we are to address this problem, it must be in a standards-based way that empowers IoT devices to evaluate themselves and each other before agreeing to a establish a telecommunications session.


TCG has published an Architect’s Guide to implement security in the IoT, Architects Guide: IoT Security. This guide demonstrates using widely available and implemented industry standard solutions for a secure IoT infrastructure.

More details and recommendations on the role of trust and industry standards and implementations are detailed in the TCG Guidance for Securing IoT.

TCG suggests that this can be accomplished by answering two simple questions:

  • Who are you? This is answered by the use of security hardware to protect a unique identity
  • Can I trust you? This is based on gathering integrity information about the firmware and hardware on the device and comparing gathered information to expected information.  If they match, then the device can be trusted.  If they do not, then some unknown party has modified the device and it can no longer be trusted.

The intention is to make it possible for a deployment of IoT devices to organize themselves into closed networks based on mutual recognition of both identity and integrity.  Devices that cannot provide a recognized identity and a valid integrity report are unable to communicate with devices that are part of the closed community.  This approach

  • Enables compliance and audit of deployments of IoT devices by providing hardware-protected information about the identity and software inventory for every device in the network
  • Creates a fundamental improvement in the security and trustworthiness of IoT deployments faced with software-based attacks over TCP/IP networks.

To support this approach, IoT devices should have a hardware root of trust like a TPM. Such a hardware root of trust can support strong device authentication, measured boot, and remote attestation. For details on how these techniques work, see the TCG Architect’s Guide for Cybersecurity.

For the foreseeable future, most IoT devices will not have a hardware root of trust like a TPM.  To deal with this legacy, we support the deployment and use of IF-MAP Metadata for ICS Security.  This standard supports a gateway architecture for IoT deployments, making it possible to establish secure and trusted communications for devices that do not have roots of trust. For information on this solution, see the TCG Architect’s Guide for ICS Security.


Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.

Join Now

Trusted Computing

Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.

Read more


Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.

Read More