X-Frame-Options: DENY


Change log


Site changes and updates; newest to oldest.

July 15 - 18'

Had forgotten about some waiting finished content - Added a new Product Security Pre-Launch Checklist page to the Guidance menu selection; along with its accompanying checklist template PDF file.  Also updated the Principles of IoT Cybersecurity list with some minor content edits and major layout change.

July 7 - 18'

Finally getting the threats list back in after a long research and design phase with the relaunch of the Cybersecurity Threats section off the main page.  It still has some rough edges and a few text edits to sort out, but we wanted to get v 1.0 live and adjust later. 

Also adjusted formatting on Security Context section and a few other smaller adjustments throughout the main page and Change Log.  And added a link to the Creative Commons license description page in the page footer - for all who find this content useful and want to acknowledge sourcing responsibly ;-).  A lot of work has gone into this site content, so a reminder to please credit and support as best you can.

Finally, send us feedback on any recommendations or disagreements on content - especially the new threats list.

July 5 - 18'

Updated the primary image for the 16 Pillars of IoT Cybersecurity to a newer version, and added a new System Security Context portion at the end of the Understanding Security Context section of the main page.

May 15 - 18'

Linked up the Device Security Rating System white paper to the Ratings section of the main page and created a standalone page for the embedded white paper.  Also made a major update to the Attacker M.O. (modus operandi) page with a refresh of content and image look. Also minor tweaks to the 16 Pilars section.

APR 29 - 18'

Created initial version of the 16 Pillars of IoT Cybersecurity section.  Made minor adjustments to the Security Context section - moved the hacking process diagram there from the Threats section.  Previously pulled the Threats section to rebuild the content fresh.  Also added two additional attack surface categories.

Apr 19 - 18'

Update and cleanup of the About-Overview page content.

Added a new section - Device Security Rating System - to the main framework landing page.

Apr 15 - 18'

Apr 14 - 18'

Made a major update to the Security Context section of the Main page.  Primarily a rework of the Attack Surface categories, but also modified/edited other areas of the tables and page content.  This section content is much stronger and tighter now.

Apr 05 - 18'

It has been a while for new content.  A lot of content building going on in the background over the past several months that has been starting to roll out.  This will be a combined update for a number of large and small changes that have occurred over the past month or so. 

There was a major revamping of the Cybersecurity Principles of IoT page to bring it in line with current thinking and approach that supports both the DSLA and DSRS (upcoming) models.  There was a major rework of the Device SLA page to show more of its strategic direction and provide more detail around what it will communicate.  The IoT Systems Classification model on the main page was also reworked considerably to reflect updated thinking and approach.  It is now at version 3 and will better sync with the new device security rating system (DSRS) model coming out, as well as the planned Device Security Level Agreement structure.  The best practices page was also made directly available as a PDF checklist for download from its page.  Much more to come...

may 30 - 17'

Released initial Draft .9 versions of the 'Cybersecurity Health-Check: Network & Cloud' and the 'Cybersecurity Health-Check: Product Development' controls lists.

may 23 - 17'

Updated introduction-lead content off the Main splash page along with the start of numerous restructuring of content pages to new directories and Main page layout; in preparation for upcoming new content releases and hopefully improved organization of key content sections.

May 20 - 17'

Updated the About page content to better align with site branding change and initiative focus.

MAR. 5 - 17'

Made the switch to new branding by changing from the M2I Security Framework to the IoT Security Initiative.  The dominance of the IoT term in industry became clear, and changing to an Initiative over a framework will allow greater site flexibility.

jan. 9 - 17'

Released the initial Device Support Level Agreement page; along with updates to the Main page to place an associated link-to image.

Jan. 1 - 17'

Released the initial Cybersecurity Principles of IoT page; along with updates to the Main page to place an associated link-to image.

DEC. 26 - 16'

Updated the "System Security Design Principles" section by changing title to be called System Security Design Best Practices; expanded and modified Defense Objectives list in same section; and made major update to this sections Principes, now Best Practices, list with several new, removed, and edited items.

Dec. 19 - 16'

Made a number of changes throughout the Secure-Me page to address grammar bugs, add new security controls, refine content overall, and change the contact form into a more specific feedback survey.

Dec. 16 - 16'

Released initial Change-Log page to allow better tracking of site content changes.  Also implemented new survey/feedback button to the same section to test use for promoting quick, and simple feedback on key content areas.

Nov. 22 - 16'

Major update to the IoT Operational Classifications image/content in End-to-End Architecture sections.  Changed device primary and secondary categories to more logically fit and add new ones, and updated description content.

Nov. 5 - 16'

Released initial version of the Secure-Me page; the VIP digital OPSEC guidance for individuals creating and operating critical systems and services.