By Steve Hanna, Co-Chair of the Internet of Things (IoT) Workgroup at TCG
As the number of intelligent and connected Internet of Things (IoT) devices continues to grow, with many making use of sensitive data and gathering critical information, GlobalPlatform has launched IoTopia, a common framework for standardizing the design, certification, deployment and management of IoT devices.
Building on the four foundational pillars of Security by Design, Device Intent, Autonomous, Scalable Secure Device Onboarding and Device Lifecycle Management, GlobalPlatform’s debut of IoTopia is a welcome addition to the mission to secure the IoT. With such vast networks being left susceptible to interception and hacks, standards-based high-quality security is paramount and industry-wide collaboration is required to achieve this. The introduction of IoTopia brings reinforcements which will help to overcome such challenges in their entirety, creating safe connectivity for all users.
Like GlobalPlatform, TCG is committed to securing the IoT ecosystem. TCG published our Guidance for Securing IoT in 2015 and our Architects Guide: IoT Security in 2018 and continues to develop specifications and guidance for securing the IoT ecosystem. TCG Self-Encrypting Drive (SED) technology offers full-coverage data-at-rest protection against a range of attacks. This SED technology has the potential to address critical IoT issues.
Since 2012, TCG has also formally collaborated with GlobalPlatform on IoT and mobile device security topics, including providing TCG written comments on Global Platform specifications and frequent joint calls on security, privacy, and remote attestation. TCG collaborates with GlobalPlatform to highlight TCG’s platform integrity technologies and ensure compatibility between TCG and GlobalPlatform specifications.
As GlobalPlatform expands their IoTopia project, TCG looks forward to working with them to promote platform integrity. Working together in harmony, we can address the growing demand for IoT security.
Membership in the Trusted Computing Group is your key to participating with fellow industry stakeholders in the quest to develop and promote trusted computing technologies.
Standards-based Trusted Computing technologies developed by TCG members now are deployed in enterprise systems, storage systems, networks, embedded systems, and mobile devices and can help secure cloud computing and virtualized systems.
Trusted Computing Group announced that its TPM 2.0 (Trusted Platform Module) Library Specification was approved as a formal international standard under ISO/IEC (the International Organization for Standardization and the International Electrotechnical Commission). TCG has 90+ specifications and guidance documents to help build a trusted computing environment.